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PART I • INTRODUCTION 



This report describes a computer-based instructional system for teaching 
the notion of mathematical proof. The system is capable of handling formalizations 
of the full predicate calculus with identity (and, with minor work, definite 
description). Designed as an instructional device (a course in number theory is 
presently being prepared), the program is also the basis for a number of research 
projects involving the use of mechanical t heorem- prove rs for teaching theorem- 
proving. The intention here is to present, in detail, the entire system, the 
program as written in the LISP programming language [McCarthy, 19631 for a PDP-10 
computer. Instructions on how to use the system for both research and teaching, 
block diagrams of key program routines, and example curriculums are included. 

The purpose of this report is to provide enough detail so that versions m other 
languages for other computer systems may be programmed from the information 
offered here. As a result, subsequent sections are dense with descriptions 
of particular routines of the instructional program. While current research on 
interfacing various theorem- proving programs are mentioned in this paper, they 

-will t>e reported on in more detail elsewhere. 

The underlying foundation of first-order logic of this instructional system, 

like the Institute for Mathematical Studies in the Social Sciences (IMSSS) logic 
and algebra program [Suppes & Binford, 1965; Suppes, Jerman & Brian, 1968, 

Appendix I; Suppes & Ihrke, 1970; Suppes, 1971], is a natural deduction 
treatment. The main thrust of both programs is to let the student construct 
proofs or derivations. The student has a simple command language made up of 
mnemonics that name axioms and theorems, rules of inference, and proof 
procedures. The user can type commands that reference specific lines of the 
proof or derivation and thab specify occurrences of sjnnbols and terms within 
a line. If the commands are correct, the program generates new lines of the 
proofs or derivations. By these means, the student can generate any line 
regardless of its relevance to finding the problem solution. The freedom to 
use commands means that the program rejects all ideas of right and wrong proofs; 
the student can follow any one of a number of solution paths. But this freedom 
means that the program is not aware of what the student is doing. It may mean, 
aside from prestored hints, that the program cannot- offer the user (the student) 
any help in completing the derivation. In an attempt to solve this problem, a 
mechanical theorem-prover that generates solutions of the algebra problems was 
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developed. The theorem- pro ver is employed as a proof- analyzer that examines 
incomplete derivations done hy students and gives the students hints or advice 
on how to utilize their own partial proofs to arrive at complete ones. Details 
of this theorem- prover will appear in Goldberg [ 1971] • 

The core of this instructional program is a set of routines that permit 
the user to construct proofs or derivations. The program is a natural successor 
to the UVISSS logic and algebra program, and many of ius features result from 
experience obtained in schools running that program. Unlike the logic and 
algebra program, this instructional system can be characterized .as more than a 
proof checker. It is a more powerful interpretive system in which an individual, 
be he student, teacher, or researcher, can develop and then study a nonlogical 
axiomatic theory along whatever lines he himself specifies. The program allows 
one to build the command language for constructing proofs; the user can specify 
a vocabulary and a set of axioms with corresponding names- prove and name 
theorems and lemmas, and derive new rules of inference. The program, which 
"knows" only primitive rules of predicate calculus, consists of routines that 
compute and learn new commands from the well-formed formulas of the system. 

When the user attempts to construct a proof within the system he so specifies, 
he types commands from the command language he built himself . In order to 
interpret such commands, generalized processing routines check each command 
for correct syntax and usage and compute appropriate error messages if the 
command is not a valid one. 

Both the co mma nd language and a curriculum can be constructed by a teacher. 
The curriculum can be a course, say, in number theory or elementary axiomatic 
geometry. The student follows the curriculum, but he always has the option of 
interrupting the linear sequence of problems and making up his own problems. 

The student might avail himself of this feature of the program when (a) he wants 
to redo a problem to assure himself that he understands the proof procedures 
being introduced; (b) the problems are too hard and he wants to try some easier 
ones before continuing with the teacher’s problems; (c) the problems are too 
easy and he wants to try more challenging ones; or (d) a problem requires a 
subsidiary derivation. The student may prove the formula and name it as a 
lemma, thereby simplifying the original problem by using that lemma. Here, 
the distinction between a teacher and a student becomes a narrow one, because 
the student himself can enlarge (or initially specify) the command language or 
invent a "curriculum" for himself and his classmates. 



2 7 



The principal advantages of this program are twofold. First, the generality 
and flexibility of tne program provides the user with a sort of experimental 
laboratory in which to explore new ideas (or investigate old ones) connected with 
formalized theories. The student with some of his own notions about constructing 
•formal systems can readily test them in a systematic and unambiguous manner: 
the program acts as a tireless proof checker. Second, GAI programs are usually 
based on a curriculum that is organized around strictly frame-by-frame, or 
branch- on- a- predetermined- algorithm, strategy. This mode of teaching can 
sometimes be too restrictive and somewhat less informative. We hoped to provide 
a freer structure in order to give the more innovative students access to those 

computational facilities available to the teacher. 

The interpretive tools of the system "-understand" two languages. The first, 
call it C, is the set of commands used in constructing proofs or derivations and 
is defined in M, the second language. A block diagram of the program is presented 
in Figure 1. With M, the user is able to AXIGMATIZE a theory, i.e., to specify 



Insert Figure 1 about here 



(a) the class of nonlogical constants, and (b) a class of axioms. It Is assumed 
that the logical system Is always the foundation on which new theories are built, 
but the symbols representing the logical constants are specified by the user. 

The names of axioms and the well-formed formulas derivable from the axiots 
(theorems and lemmas) are members of t. Also, M enables the user to derive rules 
of inference from axioms and from established thee reus and lemmas. These new 
rules are added to 0. Thus, 0 is further augmented by the basic logical system, 



which Is outlined in Part III. 

After the command language for constructing derivations and proofs is 
specified, the program takes on the role of a proof checker. This is the DERIVE 
part of the program. In the DERIVE stage, the user types a command and expects 
the program to generate a line of n derivation. This may involve either requests 
for substitution instances of axioms or previously proved theorems, or 
references to a set of previous lines in order to infer a new one. The program 
accepts the command, checks to see that its syntax is correct, and, in attempting 
to carry out the command, checks to make sure that the application is proper. 




8 



5 




Fig. 1. Block diagram of the instructional 
system. 
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If the syntax of the command is not acceptable, the program has a simple method 
for giving syntactic error messages. The command cannot he executed if an 
application error is detected. In this case, the program has a method for 
computing the appropriate error message. This computation is necessary because, 
•.ypically, the program interprets commands it knows only implicitly. 

Figure 2 shows a block diagram of the routines monitoring the teacher- and 
student-user modes and presents a more detailed picture of the control structure 
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of the program. The history of the student's past performance is distinct from 
the collection of any data (that is, to collect exact user protocols). The 
profile consists of information on the last problem solved, the last theorem 
proved, rules and axioms specified by the teacher that the student has been 
taught and therefore is allowed to use, and the student's own derived rules of 
inference and lemmas he may have proven. This information is all part of the 
canmand language the student is building, and it can be retained for all future 

work. 

The distinction between teacher and student is not a hard and fast one. 

Conceivably, an individual may act as both the teacher and the student, setting 
up a theory in which he wants to try to construct proofs. Or a student may 
try his skills on specifying a curriculum for his fellow classmates. It is 
possible that the teacher specifies the vocabulary and then gives the student 
a set of formulas. The student is told to choose no more than N formulas as 
axioms and then to prove the rest from these axioms, the primitive rules and 
procedures, and any new rules he derives. Although this is an instructional 
technique with which this instructional system has already been used, it will 
not be described here. 

The remainder of this report is organized into three parts. In the first 
part, the components of a first-order theory and the methods for specifying it 
are explained. The reader who is mainly interested in how a user constructs 
proofs might well skip this background material. The second presents the 
structure of the command language, C, with explanations on how to use the 
proof procedures and primitive rules of inference, and how to derive new rules 
of inference. There is a problem, viz., the kinds of error analysis routines 
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required in order to effectively teach the student the command language. They 
are of two kinds — errors of command syntax and errors in applying the rules of 
inference, especially the derived rules. The error analysis routines are described 
in this second part. Finally, the language for specifying problems is defined 
with examples taken from elementary algebra. 

PART II. SPECIFYING THE F.OBMAL SYSTEM 

1, The Vocabulary 

The program is limited to purely symbolic languages, where each identifier 
is a string of one or more alphabetic or special characters. The first step in 
developing a formal language is to define a meaningful expression. There are 
two kinds of expressions, terms and formulas. In order to give a precise 
characterization of a term or a formula, the user might specify the primitive 
vocabulary of the language, i*e., the user must unambiguously define each 
individual constant and variable, each operation symbol and each predicate 
letter. In addition, the list must include representations for the logical 
constants. 

Associated with every symbol, except the individual variables, is a fixed 
DEGREE, and attached to every individual variable is a TYPE label. These two 
elements are all that is needed to build a syntax- directed analysis routine to 
determine if a string constitutes a well-formed expression in the language. 

Every language includes three special characters that serve as delimitors— — 
left parenthesis *(', right parenthesis ' and comma 1 . A check for precedence 
relationships is not included in the analysis. Unless expressions are explicitly 
grouped using the three special characters, the routine performs a simple left-to- 
right scan. Thus expressions of the form A x B + C are parsed as A x (B + C) and 
not as (A x B) + C, which is the usual parse if hierarchy tables are used. 

A DEGREE is an ordered quadruple <i m n p> such that i and n are non- 
negative integers, and n and p are (a) any nonatomic element if the corresponding 
operation symbol, logical constant or predicate letter p represents a binary 
infix relation; (b) nonnegative integers otherwise. Formulas and nonatomic terms 
are formed with the aid of constants called "formula-makers" or "term-makers" 

*With some modifications, this notion is borrowed from Kalish and 
Montague (1961+) . 
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according to the kind of expression they generate. In the associated DEGREE, 
i is either 0 or 1 according as the constant is a term-maker or formula- maker; 
m, n, and p, respectively, are the number of immediately following variables, 
number of terms and number of formulas that the constant demands. If m ^ 0, 
then the constant is a binding operator. The individual variables are atomic 
terms. Members of the set of integers are always considered terms, but if TYRE 
labels are to be considered, their TYPE label must be specified by the user 
(in the usual interpretation, the integers have type ' AHrEBRA 1 or ’ARITHMETIC )• 
The general mathematical characterization of terms and formulas is embodied in 
(l) through (8) below (Kalish & Montague, 1964, p. 272. Items (2)-(4) are their 
characterization of a term and a formula.) 

1. The sequence of three dots, ’ is a variable . 

2. Every variable is a term and every numeral is a term . 

3. If 8 is a^ constant of DEGREE <0 m n p>, Q!-^, • • • , Q! m are 
immediately following variables, P-^ •••>P n are terms, 

< 1 ^ ..., or are formulas, and m, n, and p are nonnegative 
integers , then 



5 V • 'Vi' • -Vi' • -®p 

is a term. 

If & is a constant of DEGRE3E <1 m n p>, G^, 



.t,C t are 
1 m 



immediately following variables, & , . 



, ,6 are terms, 
n 



, ,0 are formulas, and m, n, p are nonnegative 
P 



1' 

integers, then 

&0L 



•a « 
m 1 



,,p ii 0 i* 



is a formula . 

The following restrictions and additions to the characterization of terms and 
formulas handle formally what is usually considered informal notation conventions. 
$. If m is nonzero, n and p must be nonnegative integers. 

Then the terms end formulas are defined as in (l)-(4). 

6. If m is zero and n is nonatomic (we use n = '(2)*), 
then p must be zero and the constant & represents a 
binary infix relation such that 

a. if 5 is of DEGREE <0 0 (2) 0>, and Pj ,P 2 are terms, 
then P 1 5 P 2 is a term > 
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Id. if 5 is of DEGREE <L 0 (2) 0>, and 2 are terms, 
then P -^2 is a formula. 

7 . If m is zero and p is nonatomic (we use p = '(2)'), then 
n must he zero and the constant & represents a binary 
infix relation such that if & is of DEGREE <1 0 0 (2)> 
and o^o 2 are formulas, then a-j &ff 2 is a formula ’ 

Hence, ( l) - ( 7 ) is an exhaustive characterization of expressions in the language. 

If this characterization were, in fact, implemented on the computer, we 
could easily have as a well-formed formula in the language the expression FaG, 
where F has DEGREE <L 0 1 1> and G, <L 0 0 0>. By using the comma and the 
parentheses as delimitors or punctuation marks, we can write the expression 
F(a,G), a more readable format.. Thus, an expression transcending first-order 
logic is acceptable. For our purposes this is undesirable. Admittedly, the 
parsing routine is a realization of (l)-( 7 ). An eighth restriction is imposed: 
8 . n is zero if and only if p is nonzero. 

So, with the eighth restriction included, any sequence that follows a constant 
and the possibly empty string of immediately following variables will be either 

a sequence of terms or one of formulas. 

To complete the characterization of terms and formulas, the user must 
(a) give a list of symbols regarded as constants, together with their degrees; 
and (h) name the types associated with each individual variable. For example, 
in the case of quantification-free elementary algebra built on sentential logic, 
see Table 1. The constants in the table have their usual 'thematical 



Insert Table 1 about here 



interpretations, and, by the appended definition for binary relations, are 
written in the usual way. Note that multiple definition of the minus sign, 
f - f , is acceptable. In fact, multiple definitions in general may be handled 
by careful recomputations in the cases when a particular definition is required. 

The element associated with each individual variable is the TYPE. The 
purpose of type labeling is to restrict the use of individual variables in the 
expressions, e.g., it restricts the range of values of a variable to a particulax 
universe of discourse. The TYPE is a list of labels where each label is used to 

*A texrn-maker with degree <0 0 0 ( 2 )> is meaningless. 



TABLE 1 



Elementary Algebra Symbols 



Constant 



Degree 



Representation on the 
standard teletype 



n 


<1 0 0 1> 


NOT 


8c 


<L 0 0 (2)> 


Sc 


V 


<10 0 (2)> 


OR 


— » 


<10 0 (2)> 


-> 


= 


<1 0 (2) 0> 


= 


V 


<L101> 


A 


a 


<1 1 0 1> 


E 


<-* 


<0. 0 0 (2)> 


IFF 


+ 


<0 0 (2) 0> 


+ 


- 


<0 0 (2) 0> 


- 


- 


<0 0 1 0> 


- 


/ 


<0 0 (2) 0> 


7 


X 


<0 0 (2) 0> 


X 
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name a list of individual- variables. For example, consider the operation symbol 
i + i w ith DEGREE <0 0 (2) 0> and assume that ’+' requires two algebraic terms. 

The user might name the TYPE of an algebraic term with the atom ’ ALGEBRA’ where 
ALGEBRA = (A B C D) . The TYPE list, then, consists of the TYPE names for each 
term which 'che term-maker ’+’ demands. The term formed with '+' and the two terms 
is, in itself, a term that can have a TYPE name associated with it. This type is 
called the "computed type." The computed type is also stored on the TYPE list 
associated with '+’. Thus, the TYPE for ’ +’ is a list consisting of three 
elements— three names, each of which specifies the TYPE of the argument expressions 
and well-formed terms. Given two algebraic terms, the operation symbol ’+' forms 
an algebraic term- 

A+B is a well- formed term because A and B are algebraic terms. Its computed 
type is ALGEBRA, so (A+B)+C is also well formed. Suppose the identity relation 
, = t with DEGREE <1 0 (2) 0> has TYPE = (ALGEBRA ALGEBRA NIL). This TYPE indicates 
that ' = ' demands two algebraic terms. The computed type is NIL, an atom. : that 
denotes the empty set or the ‘don’t care’ type. In other words, NIL can represent 
any TYPE. Formulas, such as those formed by ’=’, always have TYPE NIL, and all 
formula-makers will have NIL as the computed type. Term-makers must be associated 
with a non-NIL computed type and so the atom T was chosen. to denote the ’don’t 
care* type for terms. 

A=B is well formed., ^or this example, if BOOLE = (G H), then G=H is not 
well formed. However, if the TYPE associated with ’=' were (NIL NIL NIL), it 
would not matter what the types of the two terms were and G=H would be well 

formed- 

The list of all the types associated with the term-makers and formula- 
makers is called VARIABLES. If no type checking is desired, the user could 
pres umab ly let VARIABLES be a list of all the individual variables and let all 
the types be NIL. This will not do however. The procedure for proper 
substitution for predicate letters (see discussion on page 22) is where problems 
would arise. The formula to be substituted for the predicate tt may have a 
number of different free variables. Some of these variables may be replaced by 
corresponding arguments of it; the rest are non substitutable parameters. How does 
the interpreter know the difference? Both kinds must ba variables for the parser 
to recognize the expression generated by the operation of substitution. 
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So there must always he at least two lists. The first is always named 
'PARAM 1 (for parameter 1 ) and contains a list of variables that are considered 
nonsub st it ut able parameters in the procedure for proper substitution for 
predicates. All the others can be specially grouped under another TYPE name 
( such as BOOLE) . 

Some simplifications are possible. 

1. If a variable can be in two groups, or when a TYPE is the 
union of two groups already named, the type checking is 
performed both directly (is the variable CL a member of 
the list <TYPE>?) and indirectly (is the variable OC a 
member of a list whose TYPE name is on the list <TYFE>? ) 

Therefore, if PARAM are the special parameter- variables 
and VARS is a list of all the other variables, VARIABLES 
is the list (VARS PARAM). All the atomic terms are then 
recognized indirectly through the type name VARIABLES. 

2. The TYPE associated with '+' is (ALGEBRA ALGEBRA ALGEBRA). 

Since all the members of the list are the same, the TYPE 
can be written as the single atom ALGEBRA. 

By computing the associated types in the above manner, the program 
retains the recursive evaluation procedure for determining well formedness. 

This procedure depends on (a) the table of symbols; (b) associated DEGREES; 

(c) TYPE parameters; and (d) the list of individual variables. It is possible 
to multiply define symbols: if the parse fails infbrming an expression with 

respect to one DEGREE, it will continue the search with any other DEGREE 
existing on the list for the constant in question. The result obtained by the 
parser is a representation of the expression in prefix- list notation. Henceforth, 
an expression in the prefix-list notation will be called the PATTERN for the 
expression. The PATTERN is the list form of the tree, e.g., ( + A B) for A+B. 
Further examples: .(= ( + A B) C) is the PATTERN for A+B = C; (= (+ (+ A B) C) 

(+ A(+ BC))) is the PATTERN for (A + B) + C = A + (B + C). 

That the details for setting up a well-defined vocabulary is tedious is 
acknowledged. The cumbersome method presented later for creating and altering 
the vocabulary will eventually be replaced in favor of routines for computing 
DEGREES and TYEES from user-entered definitions. At no time should a student have 
to go through the present process for specifying the vocabulary. 



Specifying the vocabulary . As teacher, the user specifies the individual 
variables, and the table of logical constants, operation symbols and predicate 
letters within the constraints of (l)-(8) above. Under the defining procedures 
of the so-called TEACHER mode, the vocabulary can be created, altered by 
addition or deletion, or just viewed. This particular procedure is entered 
with the command VOCAB. The procedure is illustrated by the dialogue in 
Figure 3.'* This is the first in a series of dialogues in which the teacher 



Insert Figure 3 about here 



specifies a first-order theory and the student receives and requests problems. 
(See Figure 1 6 and Appendix IV) . Unless otherwise stated, sample proofs 
throughout this section depend on the vocabulary specified in Figure 3* 

Observe that the teacher has one last option with regard to the form of 
the formulas printed out to the student. In many cases (notably all first- 
order theories), it is common mathematical practice to omit all universal 
quantifiers and their variables if the scope of the quantifiers is the entire 
formula. Upon reqpestrby the teacher, universal quantifiers that govern the 
entire formula can be suppressed* 

2 . Implement at i o n of Prope r Substitution 

The instructional system includes routines that are realizations of the 
definitions of bondage, freedom, closure, proper substitution for free _ 
occurrences of variables and proper substitution for predicate letters.** The 
procedures required in order to carry out the two kinds of substitutions will 
be discussed. First, some definitions. 

Definition 1. D ummy variables are additional variables not in the user- 
defined vocabulary of the system. The dummy of a variable 
is formed by concatenating the character at the beginning 

and end of the variable. Thus A becomes $A$. 

^The vocabulary and problems were chosen from exercises given by Professor 
Patrick Suppes to students taking an intermediate level course in logic. 

**Standard terminology will be employed. The reader can consult Kalish and 
Montague as well as countless other books on logic. Definitions, unless to 
describe implementations, will not be repeated here. 
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♦ < START 9 

WHO ARE YOU tTYPE S OR T9? 

♦TS 

PLEASE TYPE YOUR NUMBER* 

DO YOU WANT TO CREATE OR ALTER A THEORY? < TYPE C OR A> 

+CS 

THEORY NAME? 

♦EX* 



IN SETTING UP A FIRST-ORDER THEORY YOU MUST SPECIFY 
THE VOCABULARY AND THE AXIOMS* THEN YOU CAN CHOOSE 
A SET OF WELL-FORMED FORMULAS AS THEOREMS* AND DERIVE 
NEW RULES OF INFERENCE FROM THESE 

COMMANDS ARE l VOCAB# AXIOM# THEOREM* AND RULE* TYPE 
FIN WHEN YOU ARE THROUGH* 



• vVUwwS 

YOU ARE SPECIFYING THE VOCABULARY FOR A 
FIRST-ORDER THEORY* WE WILL BEGIN BY 
SETTING UP THE TABIX OF OPERATION SYMBOLS# 
PREDICATES# AND LOGICAL CONSTANTS* 

DO YOU WANT TO CREATE# ADD# DELETE# VIEW# 

OR FINISH? « TYPE C#A#D« V# OR F> 

♦Cf 

FIRST YOU MUST SPECIFY THE LOGICAL. CONSTANTS 

NEGATION SIGN > ♦NOT* 

CCM JUNCTION SIGN! «** 

DISJUNCTION SIGN! ♦OR* 

MATERIAL IMPLICATION ♦THEN* 

MATERIAL EQUIVALENCE* ♦IFF* 

IDENTITY SIGN* *»* 

UNIVERSAL QUANTIFIER! ♦AS 
EXISTENTIAL QUANTIFIER* «* 



NOV# SPECIFY THE NON-LOG ICAL CONSTANTS* WHEN YOU ARE 
FINISHEO* JUST TYPE ALTMOOE INSTEAD OF A NEW SYMBOL* 
SYMBOL! *B* ‘ 

DEGREE! ♦<! 0 3 09* 

TYPELI ST I ♦NIL* 

SYMBOL! «RS 
DEGREE! -Kl 0 0 09* 

TYPELI ST* WIL* 

SYMBOL* ♦FS 
DEGREE* ♦< 4 0 2 0>* 

TYPELI ST I ♦NILS 

SYMBOL* *P% 

DEGREES ♦ €» 0 0 09* 

TYPELI ST* ♦NIL* 

SYMBOL! ♦F* 

DEGREE! ♦CO 0 I 09* 

TYPELI ST I ♦T* 

SYMBOL! ♦NS 

DEG RILE l ♦(! 0 1 09* 

TYPE'LK ST i ♦NIL* 



j DO YOU WANT TO CREATE* ADD* DELETE# VIEW# 

OR FINISH? C TYPE C#A*D# V* OR F> 

♦AS 

SYMBOL! ♦B* 

r DEGREE! ♦€ I 0 3 09* 

r TYPELaST I ♦tPOlNT POINT POINT NIL9* 



Fig. 3. Specifying a vocabulary 
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Figure 3* continued 



SYMBOL! *S 

DO YOU WANT TO CREATE# ADD* DELETE* VIEW* 
OR FINISH? C TYPE C*A*D* V* OR F> 



•OS 

«S 



tMICH SYMBOL DO YOU WISH TO DELETE? 

I WILL TYPE OUT EACH DEGREE* TYPE Y IF YOU 
WANT TO DELETE IT® OTHERWISE TYPE ANYTHIN 



<B I 0 3 O (POINT POINT POINT NIL)) *NOS 



(B I 0 3 0 MID *YS 
DONE 

WHICH SYMBOL DO YOU WISH TO DELETE? 



DO YOU WANT TO CREATE# ADD#DELETE# VIEW# 
OR FINISH? ( TYPE C#A*D# V# OR F ) 

♦FS 

DO YOU WANT TO CREATE# ALTER# OR VIEW 
THE VARIABLE LISTS OR ARE YOU 
FINISHED (TYPE C#A#V# OR D? 

«CS 



;j»ECIFY THE INDIVIDUAL VARIABLES 
BY PLACING THEM ON A LIST WITH AT 
ASSOCIATED TYPE NAME* DO NOT USE 
THE NAME -VARIABLES- 
END BY TYPING AN ALTMOOE* 



FIRST INDICATE A TYPE -PARAM- 
THIS IS THE LIST OF VARIABLES WHICH ARE 
CONSTANTS FOR THE PS PROCEDURE* IT CAN 
BE AN EMPTY LIST* 



TYPE* PARAM 



LIST VARIABLES (WITH PARENTHESES > t *(U V)S 
NOW ANY OTHERS? 



TYPE NAME! ♦POINTS 

LIST VARIABLES (WITH PARENTHESES) « ♦(W X Y E)S 
type NAMES •algebras 

LIST VARIABLES (WITH PARENTHESES) t *CA B C D)S 

WHAT 7s**THE type LABEL FOR THE NON-NEGATIVE 
INTEGERS? 

♦ALGEBRAS 



DO YOU WANT TO CREATE# ALTER* OR VIEW 
THE VARIABLE LISTS OR ARE YOU 
FINISHED (TYPE C*A#V# OR F>? 

•VS 

ALGEBRA • (A B C D) 

POINT • (W X Y E) 

PARAM * <U V) 

DO YOU WANT TO CREATE# ALTER# OR VIEW 
THE VARIABLE LISTS OR ARE YOU 
FINISHED (TYPE C*A#V# OR F>? 

•rs 

DO YOU WANT TO SUPPRESS PRINTING OF 
UNIVERSAL QUANTIFIERS WHERE THE SCOPE OF THE 
QUANTIFIER IS THE ENTIRE FORMULA? 

(TYPE Y* ELSE ANYTHING) 

*YS 

itflNS 
T 
. • 





Definition 2. 



Definition 3> 



Definition 4 . 



Definition 5' 



Definition 6. 



The dAfflgjff -pattern of an expression is its prefix-list notation 
with each free occurrence of a variable replaced by its 
corresponding dummy. Thus ’ A + B = B + A’ is an expression 
whose dummy pattern is; (= (+ $A$ $B$)(+ $A$)). 

The occurrence number of a symbol or term in an expression is 
determined by counting the occurrences of the symbol or term, 
starting at the left of the expression and scanning to the right. 
The scope of a constant & in a dummy pattern is given explicitly 
as any element, either a list or an atom, contained in the list 
whose first element is 8. 

Let L be the list whose first element is a constant 6 of DEGREE 
<i m n p> such that m ^ 0. Thus by f L contains the variable 
(or term) 0!' is understood to mean that 0! is either an element 
of the lis'u L or, recursively, there .is a list L* such that L' 
is an element of L and L* contains a. 

An occurrence of a variable 0! i s • bound only if there is an L 
of the sort described in definition 5 such that L contains CL. 
Then the following determines which variable binding operator 6 
of the list L binds a variable CL. 

1. If the variable Q! is one of 01 ,i«l, ...,m in the 

expression , then CL is a variable 

1ml n _l p 

of quantification bound by that &. In L, is the 
( i+l) st element, 8 is the first element. 

2. If a does not satisfy (l), but CL is within the 

scope of If a is not also within a list L 1 

such that L contains L* and the first element 
of L' is a binding operator, then & binds CL. 

The system has two functions for testing bondage. 

BOUND [IT STRING OCC] 

BOUND asks if a particular occurrence (OCC) of a variable (IT) is bound in 
the expression (STRING). The value of the expression is *T* if the indicated 
occurrence of IT is not in STRING; it is NIL if there is such an occurrence, 
but it is not bound. If the occurrence is bound, the value of the functions is 
the occurrence nuvb er of the binding operator. 
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Since symbols can "be multiply defined, it is possible that the functions 
which FIND ONE of the occurrences of a "binding operator will, in fact, find an 
occurrence of a symbol identical with a' binding operator, hut one that is used 
as, say, a predicate. Therefore, the program has the task of determining if the 
symbol is the initial element of the list L of a well-formed expression, and, if 
so, if it is being used as a binding operator. For example, let A have multiple 
degrees: <L 1 0 1> and <1 0 1 0>. Then the formula (A X(A X)) is well formed. 
The first occurrence of A is a binding operator, the second is a formula-maker. 
In the sub list (A X), X is not, of course, bound by the formula-maker A. But, 

if A has the DEGREE <1 1 0 0>, it would be. 

In order to differentiate between these various cases, the program reparses 
the list L. The parse is initially limited to a symbol table consisting 
entirely of degrees for binding operators. It is then expanded to the original 
symbol table in order to complete the analysis. If L is well formed, the first 
element of L is necessarily a binding operator. 

BOUNDANY [ IT STRING ] 

Is the variable (IT) bound anywhere in the expression (STRING)? The value 
is if there is not any occurrence of the indicated variable in STRING, T 

if there is at least one bound occurrence, and NIL if there is at least one 
occurrence but no occurrence is bound. BOUNDANY is an iterated application of 
the f \mc t ion BOUND. 

Definition 7* An occurrence of a variable CL is free in the expression cp if it 
stands within cp but is not bound in cp. Three functions answer 
the questions about freedom. 

FREE [ IT STRING OCC ] 

Is the occurrence (OCC) of the variable (IT) in the expression (STRING) 
free? This function calls on BOUND and returns NIL if the value of BOUND is 
T or *T*j otherwise it returns T. 

FREEEVERY [ IT STRING ] 

Is every occurrence of the term (IT) free in the expression (STRING)? 

This function returns T if BOUNDANY returns the value NIL or *T* for all 
variables free in the term IT; otherwise it returns NIL. 

FREEANYWHERE [ IT STRING ] 

Is an£ occurrence of the variable (IT) free in the expression (STRING)? 
FREEANYWHERE returns NIL if no free occurrences of IT exist. Otherwise it 
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returns the occurrence number of the first free occurrence of XT. 

Definition 8. Two kinds of proper substitution - -for free variables and for 
predicate letters- -are made available by using the procedures 
for bondage and freedom of a variable in an expression* 

Proper Substitution for Free Occurrences of Variables * Technically, a 
symbolic formula * comes from a symbolic formula cp by proper substitution of a 
symbolic term p for a variable a if ♦ is like cp except for having free 
occurrences of p wherever cp has free occurrences of OC . Implementation of 
proper substitution for free variables requires two steps. 

1. Only replace an occurrence of OC by p if the occurrence of O! is free, 
Recall that OC is free in cp if and only if it is not bound in cp. The 
function FREE performs this check. 

2. Keep the (possibly nonatomic) term p free. For a term to be free, 
all free variables contained in the term must remain free after 
the substitution* 

A flow diagram for the function PSVAE [a B cp] (proper substitution of 
variables) is presented in Figure 4. 



Insert Figure 4 about here 



Note on Figure 4: In testing for freedom and bondage, the function BOUND 

serves to "mark" the specified occurrence of the variable OC in the expression by 
replacing OC with the atom 1o0(f> . It then calls on the function BIND1 to determine 
if t hat marked location is within the scope of a binding operator and, moreover, 
if that binding operator governs OC. To determine if the term (3 remains free, 
PSVAR bypasses the function BOUND because the location is already marked. PSVAR 
must call on BIND1 for each free variable in p. 

Proper Substitutions for Predicate Letters . Recall that PARAM is a list of 
nonsub st it ut able variables. Any variable in the language which is not a member 
of PARAM can, by proper substitution, be replaced by a well-formed term. For the 
following discussion, let PARAM = (W X Y Z) . Let A,B,C be individual variables, 
and let the predicate letters F and G have degrees <1 0 1 0> and <1 0 2 0> 
respectively. 

Consider the sentence of first-order logic: 

VZ3X (F (X) -» 1 7. (z)). 23 
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Fig. 4. PSVAR[a p 0] 

Propor:*substitution of a for (3 in the 
expression 0. 
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The proper substitution of the formula G(A,Y) for the one-place predicate F in 
the above sentence takes place as follows: 

1 . replace every occurrence of F by G(A,Y); 

2 . successively replace each variable (which is not an element of PARAM) 
of G(A,Y), in order, by the arguments of F. Here, A is replaced by X 
in the first occurrence of Fj by Y in the second occurrence of Fj 

3 . the resulting expression is: 

VZ3X (G(X,Y) -> - G(Z, Y) ) . 

There is one restriction imposed on this substitution operation. No variable that 
occurred in the formula G occurs in the sentence we started with. (A precise 
characterization of proper substitution for predicate letters appears in Kalish 
and Montague (1964, pp. 157ff)«) 

In the program, the function PSPRED [ X T ff ] carries out the proper substitution 
of the predicate T| by X in the expression cp. The flow diagram of PSPRED is given 
in Figure 5° The routine first checks to see if X and cp have arguments in common. 



Insert Figure 5 about here 



If they do, the function returns NIL. Otherwise, PSPRED computes the list of 
substitutable variables, L, and proceeds, for each occurrence of T| and its 
arguments a^, . . . , 0 !^, to successively call on PSVAR [S^eL OR X] in order to obtain 
the proper instance of X which will replace the formula T) . If there are no 
occurrences of T| in cp, then PSPRED returns *T*. 

The functions PSVAR and PSPRED, which carry out the two kinds of proper 
substitutions, are used in constructing derivations or proofs, i.e., they are used 
to compute a line which is an instance of an axiom or previously proven theorem. 

The next sections explain how these procedures are used by an individual in 
constructing a proof or derivation. 

3 . Instantiation Procedures for Nonlogical Axiomatic Theories 

Each kind of substitution procedure (PSVAR and PSPRED) can be characterized 
in terms of its use in constructing proofs or derivations, i.e., for obtaining 
instances of an axiom or theorem. 

Simultaneous Universal Instantiation . An axiomatic theory consists of two 
things: (a) the class of nonlogical constants, and (b) a class of axioms, which is 
any recursive class of formulas containing no nonlogical constants other than those 
in (a). The man ner for defining the class of constants was already discussed 
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Fig. 5 - PSFRED[X T\ 0 ] 

Proper substitution of X for ii in the expression 0 
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(page 7 ). The class of axioms is composed of a list of well-formed formulas. 
Each formula has a distinct name associated with it with which the user can refer 
to the axiom. Below is an example of a class of axioms for a Euclidean geometry- 
in a one dimensional space. (The vocabulary was already specified where B is a 
three-place predicate denoting "betweenness" and the variables W, X, Y, and Z 
are points on a line.) 



NAME 

AXA 

AXB 

AXC 

AXD 

AXE 



FOBMULA 

B(X,Y,X) ->X = Y 
B(X,Y,Z) B(Z,Y,X) 

(B(X,Y,W) & B(Y,Z,W)) ->B(X,Y,Z) 

(B(X,Y,Lj OR B(Y,Z,X)) OR B(Z,X,Y) 

((NOT Y = Z) & B(X,Y,Z)) & B(Y,Z,W)) -* B(X,Z,W) 



The command for this kind of instantiation is the name of the axiom or theorem. 

The progr am types out the formula associated with the name and then presents each 

distinct free variable in the expression. The student types a well-formed term 

T . Each occurrence of the dummy V. in the dummy pattern of that expression is 
1 1 

rep la ced by T^. The pattern is then typed cut, in the usual format, as a new 
line of the proof or derivation. 

As an example, take axiom AXA.* To obtain an instance of AXA, the sequence 
of commands is: 



AXA B(X,Y,X) X = Y 

X: :W 

Y: :X (1) B(W,X,W) -> W = X 

The PS Procedure . 'PS* is the command name of the second kind of 
instantiation procedure. It is used to indicate that one wishes to take an 
instance of a formula by proper substitution for individual variables and 
predicates. The user indicates which formulas or terms are to be substituted for 
the predicates and the free variables, respectively, and gives the order in 
which the substitutions are to be made. 

In the PS proced ur e, the actual value of the axiom or theorem, not the 
pattern, is referenced. The student types: 

PS: of axiom or previously proved theorem> 

If, for some reason, the axiom or theorem is not available, an error message is 
printed. Otherwise, the computer types a double colon indicating that the program 
is waiting for a response, and the user gives the sequence of substitutions by 
typing either the pair 



*The convention is to underline all items typed by the user; all other 
information is typed by the computer program. 
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1. <variable> : <well-formed term> 
or 2. predicate letter> : <well-formed formula> 
where <variable> and predicate letter> all belong to the vocabulary of the 
theory. One or more such pairs could be typed. In fact, no pair can be typed 
and the result obtained will be the axiom or theorem itself. 

The user indicates the end of the sequence by typing only the ALTMODE ($). 
Each substitution request is then applied, in the order in which it was typed, 
to the result of the previous substitution in the sequence. The first is, of 
course, applied to the axiom or theorem itself. 

As an example, take the theorem TH10 to be (V X(F X -» P)) (3 X(F X P)).. 

If F is a one-place predicate and P is a zero-place predicate, the command 
sequence to generate line (n) might look like this. 

PS : TH10 
: : P : VZ(G(Y,Z)) 

:: F : F(A,W) 

: : W : Y 

.. (n) (VX(F(X,Y) -> VZ(G(Y,Z))))~ (3 x(F(X,Y)) -> 

V Z(G(Y,Z))) 

Line (n) was obtained by 

1. Proper substitution of V Z G(Y, Z) for P in TH10 to give 
(V X(F X -> VZ(G(Y,Z) )))«-> ;(3X(F X)) -> (V Z(G(Y,Z))). 

2. Proper substitution of F(A,W) for F in the result of (l). 

(V X(F(X,W) VZ(G(Y,Z))))^((3X(F(X,W))) -> (V Z(G(Y,Z)))). 

3. Proper substitution of Y for free occurrences of W to obtain the 
formula on line ( n) . 

• jhe command procedure PS merely checks to see which kind of substitution is 
desired and then calls on either the function of PSVAR (page 1 7 ) or the function 
PSFRED (page 17) to carry it out. However, once the new line is formed, the 
procedure reparses the fomula in order to guarantee that all of the computed 
new terms agree with the corresponding TYPE parameters of the term-makers and 

formula-makers. 



4 . Axioms and Theorems 

Below is a brief description of how the axioms and theorems are added to 
the command language when the user is in. TEACHER mode, and how the formulas 
are processed so that the user can reference them as indicated in Section 3- 
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Adding Axioms to the System . To assist in describing the program procedures 
for adding axioms to the underlying nonaxiomatic logical system, some terminology 
is introduced or reiterated here. Each axiom has a name , some mneumonic made up 
of alphanumeric characters only. The formula cp is the value (VAL) of the name. 

If cp is parsed and its closure formed (CLOSED) such that cp has the form 
va . ,.ya t, then t is the matrix of cp. The dummy pattern is formed for the 
axiom by dropping the preceding string of universal quant if iers Vq^, ... and 

replacing each free occurrence of the individual variables C£^, •••> a n 
matrix by an alphabetic variant--the dummy. This transformed matrix, already 
in the prefix-list notation due to the parsing, is the dummy pattern (PATTERN) 
associated with the axiom name. 

The REQUEST list is the list of variables of generalization (o^, • • • , a n ) , 
i.e., the variables occurring free in the matrix. Each element on the REQUEST 
list is in the vocabulary and, therefore, has a TYPE label associated with it. 

The list of these types, ordered in accordance with the REQUEST list, is called 
the TYPE list . Each of the five elements — VAL, CLOSED, dummy PATTERN, REQUEST 
list, TYPE list--is an attribute on a property list associated with the axiom 

name. 

How to use the Axioms in Construct ing Proofs . A line of a derivation of 
proof may be obtained by universal instantiation of an axiom as demonstrated 
in Section 3. When the user types the axiom name, the program replies with 
the value VAL associated with the axiom. (Note that the axiom as given by the 
teacher is always typed out or, at any rate, the representation preferred by 
the teacher is always typed out. In most cases, this would mean omitting any 
universal quantifiers whose scope is the whole formula.) Each member of the 
REQUEST list is then presented and followed by a double colon to indicate that 
the program expects a response from the user. The program, in each case, 
expects to receive a well-formed term of the same type as the corresponding 
element in the TYPE list. (if the TYPE is "T," any term is acceptable.) 

The acceptable terms are paired with the dummy of the variable from the REQUEST 
list in order to form a sequence of substitutions. 

After all the elements of the REQUEST list have been presented, and the 
substitution sequence has been completely specified, the program carries' out 
precisely, for each dummy-term pair, the proper substitution of the term for 
the dummy variable in the matrix of the axiom (that is, PSVAR [term dummy matrix]. 
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1. <variable> : <well-formed term> 
or 2. <predicate ietter> : <well-f ormed formula> 
where <variable> and <predicate letter> all "belong to the vocabulary of the 
theory. One or more such pairs could he typed. In fact, no pair can he typed 
and the result obtained will he the axiom or theorem itself. 

The user indicates the end of the sequence by typing only uhe ALIMODE ($)• 
Each substitution request is then applied, in the order in which it was typed, 
to the result of the previous substitution in the sequence. The first is, of 
course, applied to the axiom or theorem itsej-f. 

As an example, take the theorem TH10 to be (V X(F X P) ) <— ■» (3 X ( F x **■))•• 
If F is a one-place predicate and P is a zero-place predicate, the command 
sequence to generate line (n) might look like thj.s. 

PS : TH10 

: : p : VZ(G(Y,Z)) 

: : F : F(A,W) 

:: W : Y 

.. (n) (V X(F(X,Y) -> VZ(G(Y,Z))))** (3 x(F(X,Y)) -> 

V Z(G( Y,Z) ) ) 

Line (n) was obtained by 

1. Proper substitution of V Z G(Y,Z) for P in TH10 to gi"ve 
(V X(F X -» VZ(G(Y,Z)))) <->'.(3 x(F X)) -» (V Z(G( Y, Z) ) ) . 

2. Proper substitution of F(A,W) for F in the result of (l): 

(V X(F(X,W) VZ(G(Y,Z) ) ) ) <-»((3x(F(X,W) ) ) -* (V Z(G(Y,Z)))i. 

3. Proper substitution of Y for free occurrences of W to obtain the 
formula on line (n). 

The com ma nd procedure PS merely checks to see which kind of substitution is 
desired and then calls on either the function of PSVAR (page 17) or the function 
PSPKED (page 17) to carry it out. However, once the new line is formed, the 
procedure reparses the formula in order to guarantee that all of the computed 
new terms agree with the corresponding TYPE parameters of the term-makers and 

formula-makers . 

4. Axioms and Theorems 

Below is a brief description of how the axioms and theorems are added to 
the co mman d language when the user is in TEACHER mode, and how the formulas 
are processed so that the user can reference them as indicated in Section 3- 
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Addi ng Axioms to the System . To assist in describing the program procedures 
for adding axioms to the underlying nonaxiomatic logical system, some terminology 
is introduced or reiterated here. Each axiom has a name , some mneumonic made up 
of alphanumeric characters only. The formula cp is the value (VAL) of the name. 

If cp is parsed and its closure formed (CLOSED) such that cp has the form 
VQ! . ,.V'a IS then 1c is the matrix of cp. The dummy pattern is formed for the 
axiom hy dropping the preceding string of universal quantifiers Vq^, . . . ,Va n and 
replacing each free occurrence of the individual variables 0^, in the 
matrix by an alphabetic variant — the dummy. This transformed matrix, already 
in the prefix-list notation due to the parsing, is the dummy pattern (PATTERN) 
associated with the axiom name. 

The REQUEST list is the list of variables of generalization (o^> • • . > 01 ^) , 
i.e., the variables occurring free in the matrix. Each element on the REQUEST 
list is in the vocabulary and, therefore, has a TYPE label associated with it. 

The list of these types, ordered in accordance with the REQUEST list, is called 
the TYPE list. Each of the five elements — VAL, CLOSED, dummy PATTERN, REQUEST 
list, TYPE list — is an attribute on a property list associated with the axiom 

name. 

How to use the Axioms in Constructing Proofs . A line of a derivation of 
proof may be obtained by universal instantiation of an axiom as demonstrated 
in Section 3. When the user types the axiom name, the program replies with 
the value VAL associated with the axiom. (Note that the axiom as given by the 
teacher is always typed out or, at any rate, the representation preferred by 
the teacher is always typed out. In most cases, this would mean omitting any 
universal quantifiers whose scope is the whole formula.) Each member of the 
REQUEST list is then presented and followed by a double colon to indicate that 
the program expects a response from the user. The program, in each case, 
expects to receive a well-formed term of the same type as the corresponding 
element in the TYPE list. (if the TYPE is "T," any term is acceptable.) 

The acceptable terms are paired with the dummy of the variable from the REQUEST 
list in order to form a sequence of substitutions. 

After all the elements of the REQUEST list have been presented, and the 
substitution sequence has been completely specified, the program carries out 
precisely, for each dummy-term pair, the proper substitution of the term for 
the dummy variable in the matrix of the axiom (that is, PSVAR [term dummy matrix]. 
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To continue the example given earlier, the property list of the axiom 
AXA is: 



VAL 


B(X,Y,X) -» X = Y 


CLOSED 


Vx( Vy(b(x,y,x) -»X = Y)) 


PATTERN 


(-4 (B 0XJ& #Y# #X$)(= tfiX* W)) 


REQUEST 


(X Y) 


TYPE 


(POINT POINT) 
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Specifying an Axiom in the System . To specify an axiom, the teacher types 
and responds to the following sequence 

AXIOM 

NAME : : <name of the axiom> 

WFF: : <a well- formed formula> 

After seeing the name of the axiom and checking to see if it is distinct from 
any other name associated with formulas, the program types 'VTFF::' in order to 
request the formula. The formula must he well formed. If it is not, the 
request is repeated. If the user changes his mind, he can type an ALTMODE to 
get out of the entire command sequence. This escape route is available for all 
command sequences in both the TEACHER and STUDENT modes of operation (see 
Figure 1 6 ) . 

If the formula is accepted, the attributes for the axiom are computed, the 
axiom name is added to the general AXIOMLIST and the program continues. Generally, 
in the TEACHER mode, the user specifies curriculum to be presented to other users, 
the "students." As such, the program differentiates between the general axiom 
list (the list of all the axioms specified by th^teacher) and the list of 
axioms the student may use. An axiom is not placed on the student’s axiom list 
(and thereby ma de available to that student for constructing proofs) until a 
command to do so is given in the curriculum (see page 63 , on Defining Problems). 

Adding Theorems to the System . A theorem is a formula of a theory derivable 
from the axioms of the theory alone. A theorem is processed in much the same 
way as an axiom. Once a theorem has been proved, it can be named and used in 
constructing other proofs or derivations. (The same is true of formulas chosen 
a,s lemmas by the student . ) 

A theorem is used in the same manner as axioms in the construction of 
proofs or derivations. The name of a theorem specified by the user in the 
TEACHER mode is always 'TH' concatenated with a positive integer. Thus the 
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teacher can order and number the theorems. This is the only case in which a 
command name is not an alphabetic string. The program uses the numerical portion 
of the command to guarantee that the user is permitted only instances of theorems 
which he has already proven. Attached to a theorem name are the attributes VAL, 
CLOSED, d ummy PATTERN, REQUEST list, and TYPE list. These attribut's are 
computed and used just as for the axioms. 

Specifying a T heorem in the System . The format of the command to specify 
a theorem if the user is in the TEACHER mode is: 

THEOREM 

NUMBER: : <positive integer> 

WFF : : <well-formed formula> 

The formula is processed exactly as that for an axiom. The name of the theorem 
automatically becomes *TH<positive integer>. 1 

Formulas proven by the user while in STUDENT mode are named at the 
completion of the proof (see page 68, Requesting Problems at Run Time). 



PART III. THE COMMAND LANGUAGE 



1. Introduction 

The result of using the language M to specify an axiomatic system is to 
build the command language C. The instructional program interprets a sequence 
of well-formed commands C. belonging to C as an algorithm for constructing a 
derivation or proof of a formula in the specified system. 

Two commands have already been given: (a) the name of an axiom or of an 
established theorem, and (b) the procedure PS. If the co mma nd takes the form of 
a simple mneumonic that was defined as the name of an axiom or theorem, the 
program carries out the procedure previously presented (page 22). These cc f 
as well as those for the rules of inference and the special procedures (like 
PS), are ’’executed" by the program with the result that the program generates 
new lines of a derivation or proof. Line by line, the user types commands 
until the desired formula has been generated. 

The c omman d language consists of code for the rules governing substitution 
(as already explained), sentential rules and quantifier rules that reflect, the 
basic logical system (see especially Appendix II for a summary of these 
sentential rules), laws of identity, and rules for definite descriptions. 

Snecif ically these are: 
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1. Proof procedures ; conditional proof (CP), indirect proof (IP), and 

universal derivation (UG); 

2 . Six primitive rules of inference ; modus ponens (AA), three rules 

for quantification (US, ES, EG), two rules for the logic of 
identity (IDC, IDS), as well as two interchange rules to permit 
the replacement of a well-formed formula or term by an equivalent 
formula or term within a line of a derivation or proof; 

3 . Generalized interchange rule s i these permit an interchange on 

the basis of an axiom of theorem, that' has the form of a 
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generalized identity or material bi-conditional; 

Derived rules of inference ; and 

Miscellaneous rules : delete the last line (DLL), enter a line 

(ENT), INITiative to request problems is given to the student, 
SHOW that a line is a valid inference to make, and HELP the 
user complete his proof. 

The general syntax for the command language is: 

<command> : <line reference s> Command name> Occurrence references>: 

Cot her informat ion> $ I Cline reference s> Ccommand name> 
Coccurrence references> $ 



Cline reference s> <line number> | Csequence of line numbers> |0 



<sequence of line numhers> 

:: = Csequence of line numbers> . Cline number> | Cline number> 



Coccurrence references> 

::= Coccurrence number> | Csequence of occurrence numbers> |0 

Csequence of occurrence numbers> 

Csequence of occurrence numbers> . Coccurrence number> | 

Coccurrence number> 



Cline number> 



Coccurrence number> 
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nonnegative integer (the number of a line already 
generated and not closed off) 

: := nonnegative integer 

::= Caxiom name> | THChonnegative integer> |PS |WP |GEN| 
Cproof procedure> |cprimitive rule of inference> | 
Cderived rule of inference> | Miscellaneous codes> 
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<command name> 



<proof procedure> 



CP [ IP | UG 

HE | RQ | AA j IDC | IDS [ ES | US [ EG 

DLL | ENT [ IN IT | SHOW [ HELP 

string of alphabetic characters (other 
than those already reserved) 

<well~ formed expression> | <name> | <variable> 

If the execution of a command code requires one or more further responses 
from the user, the interpreter always types a double colon to indicate that it 
is ready to accept the response . 

After the user types a command, the interpreter performs a syntactic 
analysis of it. If any syntax error is located, the command is ignored and an 
appropriate error message is printed. Detecting syntax errors is straightforward^ 
and the benefit of concise error messages should be clear. These messages can 
reteach a particular command^ format. By typing the command name and then 
successively making corrections In the syntax as directed by the error messages, 
the user could learn to properly format the command. 

This initial analysis of a command is sufficiently standard so that message 
forms can be stored and retrieved from a peripheral device and the interpreter 
can compute appropriate insertions. Three main syntactic analysis routines 
make use of these messages. They serve to 

1. read in tne command^ 

2. dispatch the command to the appropriate processing routinej and 

3* check the syntax of the command in terms of the line and 

occurrence references. 

These three routines are presented as block diagrams in Figure 6. Each circled 
number designates an error return from the routine: the error message (as 

numbered in Figure 7) is completed and printed. 



<primitive rule of inference> 
Miscellaneous codes> 
<derived rule of inference> 

<other information> 



Insert Figures 6 and 7 about here 



The rest of this section contains a detailed description of each of the 
five elements of the command language listed above. Included in each discussion 
are definitions^ program procedures for learning and carrying out the commands, 
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Form the list of line references 



error, cannot 



© 



Get the command name - — 

Form the list of occurrence references 

Is there anything else in the user’ s 
response? 

yes 

Is the first character a colon? 

yes 

Store the rest of the response as 
•other information* 




error, there is no name 



e rro r , c annot 





error. 




error, there is 
nothing after the 
colon { 15 




Figure 6- Syntax Analysis — 

(a) Read in the Command 
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Does the command "belong 
to the student’s rulelist? 



no 



Does command belong to the 
student’s axiom list? 



no 



Is the command * TH 1 ? 



no 



yes 

Has the student 
proven this 
theorem? 



no 

o 



Command e curriculum rules? 



no 



yes 



Command € curriculum axioms? 



no 



yes 



Command e special rules? 



no 



no 



Evaluat e t he c ommand : 
check ^syntax 

vff expression required? 
delete the last line? 

I 

quantification rules 



yes 



yes 



Process as a general rule--check 
the syntax; all other errors are 
application errors 



Check the syntax 

Any line of occurrence references? 



no 

for each variable 
on the request list 
the response may be: 

* - tv, 

An escape irom the 

command? 



yes 

Short form: 
find distance 
of left-hand 
side of axiom 
in the line 



no 



yes 



error ; cannot 



© 
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The term? 
yes 



error 



Check the type of the term error— ^19^ 



yes,, but not there 

-errors 25-26 

errors 2To9 



-error 



_ 0 



Figure 6. Syntax Analysis- - 

(b) Dispatch the Command to the 

Appropriate Processing Routine 
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Check the number of 

line references ■ 

I 

For each line reference, do: 
Is the line number a 
non- negative integer? — 

Does the line exist in 
the proof? 

I 

Is the line within the 
body of a completed 
subsidiary derivation? - 



error, 



not the right 



number 




no, error 




no. 



error 




yes, 




ok 

Check the number of 
occurrence references 



error, 



not the right number 




For each occurrence reference, 
is it a non- negative number? — 

Is any other information required? 
no I ' yes 



error, no 



Does any other 
information exist? 

yes, lerror 



no | 

(done) 



(10) 



yes 

Does any other 
information exist? 




no, error 



yes 



o 



Figure 6. Syntax Analysis — 

(c) Check the Syntax of the Command 
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1 . Ccommand name> REQUIRES ONE LINE NUMBER . 

2 . Ccommand name> REQUIRES Cnumber of premises> LINE NUMBER. 

3 . THE LINE REFERENCE MUST BE A NUMBER. 

4. THERE IS NO LINE <Line number>. 

5 . YOU MAY NOT USE LINE <Line number>. LINE <Line number> DEPENDS ON 
THE WORKING PREMISE LINE <Line at which the working premise was 
introduced> WHICH IS NO LONGER AVAILABLE. 

6 . YOU MAY NOT USE LINE <Line number>. LINE <Line number> DEPENDS ON 
THE ASSUMPTION FOR UNIVERSAL GENERALIZATION MADE AT LINE <the gen 
command precedes this line>. 

7 . Ccommand name> REQUIRES AN OCCURRENCE NUMBER . 

8 . Cco mma nd name> REQUIRES Cnumber of occurrences> OCCURRENCE NUMBERS. 

9. THE OCCURRENCE NUMBER MUST BE A NUMBER. 

10. Ccommand name> DOES NOT EXPECT A COLON WITH AN EXPRESSION OR SYMBOL 
TO FOLLOW. 

11 . A NUMBER MUST FOLLOW A PERIOD. 

12. NO COMMAND REQUESTED? 

13 . AN EXPRESSION, SYMBOL OR NAME MUST FOLLOW A COLON IN THE COMMAND- 

14. the format is incorrect, an occurrence number or a COLON MUST 

FOLLOW THE COMMAND NAME. 

15. THERE IS NO OCCURRENCE IN LINE dine number> OF A TERM TO WHICH 
THE RULE Ccommand name> CAN HE APPLIED. 

16. THERE ARE NOT Cnumber of occurrences> OCCURRENCES IN LINE dine 
number > OF A TERM TO WHICH THE RULE Ccommand name> CAN BE APPLIED. 

17. TRY AGAIN. 

18. NOT A WELL-FORMED TERM. 

19. THE TYPE OF THE TERM MUST BE Ctype name>. 

20. YOU HAVE NOT PROVEN THEOREM Ctheorem number >. 

21. YOU MAY NOT USE RULE Ccommand name> IN THIS PROBLEM. 

22. YOU MAY NOT USE THE Ccommand name> AXIOM. 

23. Ccommand name> IS NOT A RULE. 

24. Cuser’ s response> IS NOT A WELL-FORMED EXPRESSION;. 

25. THERE IS NO LINE TO DELETE. 

26. LINE dine number> IS A PREMISE AND CANNOT BE DELETED. 

27 . Cterm of instant iation> CANNOT BE USED AS A VARIABLE OF INSTANTIATION. 
YOU ALREADY KNOW SOMETHING ABOUT Cterm of instantiation^ 

28. Cvariable> WAS INTRODUCED AS AN ARBITRARY INDIVIDUAL FOR THE PURPOSE 
CF UNIVERSAL DERIVATION. 

29 . Cvariable> IS ALREADY MENTIONED IN LINE dine number>. 

30. Cterm> IS NOT A VARIABLE OF INSTANTIATION. 

31. Cterm> IS NOT A VARIABLE OF GENERALIZATION. 

32. Cterm> OCCURS FREE IN LINE dine numbe r>. 

33. LINE dine number> DOES NOT OCCUR AFTER THE LAST GEN WAS REQUESTED. 

34. Cvariable> WAS THE LAST VARIABLE OF GENERALIZATION REQUESTED-. 

35. THERE IS NOT A FREE OCCURRENCE OF Cterm> IN LINE Cline number>. 

36 . THERE ARE NOT Cnumber of occurrences> FREE OCCURRENCES OF Cterm> 

IN LINE dine number>. 

37. THE VARIABLE OF GENERALIZATION MUST NOT OCCUR FREE IN THE TERM. 

38 . AT LEAST ONE OF THE OCCURRENCES OF Calpha> ON WHICH YOU ABE 

GENERALIZING IS BOUND IN LINE dine number >. 

39 . IMPROPER APPLICATION OF Ccommand name>. 

Figure 7* Syntactic Error Message Forms. 
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2 . Proof Procedures 



To facilitate the construction of proofs and derivations three derivation 
or proof procedures are available. They constitute the heart of a natural 
deduction formulation of first-order logic. Two of these, the conditional 
proof (CP) and indirect proof (IP), depend on the introduction of a working 
premise (WP) . The third is universal derivation (CXJ) in which the user establishes 
a universal statement. UG (for "Universal Generalization") depends (as explained 
below) on the user's announcing his intention to generalize a particular individual 

variable (this is done with the command GEN). 

The command language is similar to a programming language j each command 
is an instruction to the interpretive system. A well- formed command, executed 
by that system, constitutes an application of a rule to construct an expression 
in the first-order theory. This defines the construction in terms of purely 
mechanical manipulations of expressions. 

Associated with the notion of executing a sequential list of instructions 
that belong to a (programming) language is the concept of subroutines. A 
subroutine is a complicated command that has a name, a possibly empty set of 
formal parameters and a body. The body is a sequence of commands that 
manipulate the formal parameters. Moreover, each routine is delimited by 
identifiers that indicate the beginning and end of the subroutine. Such routines 
illustrate the idea of block structuring, or grouping, of commands. In the 
usual sense, a block structure is a means of defining the scope of identifiers. 
Variables, arrays and definitions may be declared at the head of a block and 
have no significance outside this block. The importance of a block comes from 
the fact that blocks may be nested , i.e., the beginning of a new block may be 
declared within the body of another block. Definitions at the head of a block 
have meaning only within that block and any that it encloses. 

Clearly the command sequences for obtaining instances of axioms and 
previously proved theorems may be viewed as a block or subsidiary routine. 

The command name is the name of the routine as well as the beginning delimitor, 
the substitutable variabi.es are the parameters and ALTMODE is the ending 
delimitor. But this might be carrying an analogy too far. The three proof 



procedures described below serve as sharper analogies to programming with 
subroutines. In the sequel, consider the command mneumonics CP, IP and UG 
as the n am es of subroutines of a programming language. 

ERiC ^ 
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WP. For CP and IP* the “beginning of a “block is denoted “by the simple 
command WP. WP itself is an instruction to the program* first* to set up 
the mechanisms for specifying the “beginning of a proof procedure* and second* 
to allow the user to enter a premise of his own into the derivation. This is 
a working premise; the lines of the derivation are conditional upon it. The 
new premise can he thought of as a formal parameter since it only has meaning 
within the block. Once the block is closed (boxed off or completed) by the 
ending delimit or (in this case* the command containing the name of the proof 
procedure)* the premise entered by the WP rule can no longer be referenced as 
a line of the proof. 

The body of the block is a sequence of arbitrary but finite- length lines 
that occur between the delimiting lines* i.e.* those generated by the WP and the 
CP or IP commands. Once a procedure is completed* the block is closed off and 
no line in the body may be referenced as a line of the proof . 

Analogous to the notion of the nesting of subroutines* several working 
premises may be requested in (not necessarily contiguous) succession. The 
program retains the order of this series of WP requests so that only the last 
WP entered may be closed* i.e.* referenced in a CP or IP command. Moreover* 
although the user may be able to generate the correct expression for solving 
the derivation problem* he has not solved the problem unless all the WP f s have 
been closed. In other words* like a well-formed computer program* every beginning 
of a routine must have a well-defined end. To help the user keep track of the 
block structure* the program indents several spaces for each open WP (each level 
of incompleted nesting) . 

The command format for WP is simply the mneumonic: 

WP ( i) <well-formed formula> 

The program types the number of the new line and the user enters a well-formed 
formula as a premise. 

CP . The user can construct or generate a conditional statement by 
introducing the antecedent of that statement as a working premise, by working 
out a derivation of the consequent in the usual manner* but making it conditional 
upon the entered premise* and by then using the CP rule to finally derive the 
conditional statement. The format for the command is 

Cline a>. <Line b> CP 

where dine a> refers to the last working premise introduced and Cline b> refers 
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to any line of the derivation. Of course, <line a> and <Line h> can refer to 
the same line. The formula on Cline a> becomes the antecedent and that on dine b> 
the conseq uent of tbs conditional statement formed. CP indicates that the 
particular WP is now closed. The delimiting line is dine b>. If dine b> 
comes before dine a> in the derivation sequence, then the body of the block 
is empty and only dine a> becomes unavailable. 

As an example, a proof of R -* (R OR P) is provided in Figure 8. 



Insert Figure 8 about here 



IP. In order to derive a formula cp, the user may introduce the negation of 
cp as a working premise (WP) . He then attempts to construct t and (NOT t) as two 
lines of the proof or derivation, thus establishing the logical truth of the 
negation of the working premise. This is known as a proof by contradiction, 
or reductio ad absurdum . 

The IP command requires a sequence of three line numbers to precede it as 
follows : 

<Line a> . Cline b> . <line c> IP 

where Cline a> refers to the last working premise entered and Cline b> is the 
denial of dine c>. The program generates as a new line the denial of the 
premise on dine a>. An example of a proof using the indirect derivation 
procedure is given in Figure 9« 



Insert Figure 9 about here 



GEN and UG. Universal derivation, or generalization (UG), permits the 
user to establish a universal statement, i.e., one of the form Vacp, as a line 
of the derivation or proof. The beginning of the sequence of commands for 
obtaining this universal statement is denoted by the command GEN. In using this 
command, the user indicates which variable, Ot, he wants to introduce as an 
arbitrary individual for the purpose of universal derivation. The command format 

is: 

GEN: Cq> 



42 



35 



DERIVE 



R -XR OR P) 



t*bp$ 


(1) 


♦ HS 


t ♦ IFDS 






t I ♦PS 


( 2 ) 


K OH P 


z ♦1.2CPS 


<3> 


R -XR OR 1 


CORRECT. • • 







Fig. 8. Conditional proof. 



DERIVE 


H OKCNOT R) 


t ♦UPS 


< 1 ) 


♦NOT CR OR i 


t ♦ WPS 


<e> 


♦ RS 


^♦WP$ 


< 3) 


♦ I 


t ♦3FDS 
«■ t ♦NOT RS 


< 4) 


R 


S*3«4. IIPS 


<S) 


NOT H 


1*2-8* SIPS 


<6) 


NOT R 


t ♦ feFDS 






1 i ♦RS 


C 7 ) 


CNOT R)0R R 


(♦7CDIS 


<«) 


R OH<NOT R). 


«♦ I* 1.8IPS 


<9> 


R OR<NOT h> 


COKKECT* • • 







R 0RCN01 R) 



Fig. 9- Indirect proof. 




DERIVE A Y<F Y -» F Y> 



i^P* 



U> *F X* 



j*6EN«XS 

X CANNOT BE USED 
GENERALI ZAT I ON I 



AS A VARIABLE OF 
II IS NOT AN ARBITRARY 



INDIVIDUAL* 



t ♦GENa YS 
OK 








t ♦VPS 


(2) 


♦ F 


YS 


t ♦2*2CPS 


<35 


F Y-> F 


Y 


t ♦3 UGj YS 


C4> 


A Y(F Y -> > 


Y) 


CORRECT. .* 









Fig. 10. Universal derivation* 
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The notion of nesting GEN' s is like that of the WP' s so the discussion on block 
structures will not he repeated except to note that GEN' s and WP' s can he 
nested within one another, i.e., one or more working premises may he entered 
after the GEN c omman d is accepted. However, the universal derivation introduced 
hy a GEN request cannot he completed unless all such working premises are 
closed. Conversely, GEN commands that occur after a working premise is entered 

must he closed before the external WP can he. 

This derivation procedure is intended to capture the proof technique in 
which one demonstrates that every object has a certain property by showing that 
an arbitrary object from the universe of discourse has the property. Consequently, 
the interpreter must ensure that the object a indicated for this purpose is 

actually an arbitrary one. This is done by determining if a occurs free in any 

antecedent line q>. (FREEANYWHEREfo '(p ± ] ) . An "antecedent line" is defined as any 

line occurring in the proof which has not already been closed off by one of the 

pairs WP-CP, WP-IP, or GEN-UG. If the a is accepted, the program types 'OK 1 . 

GEN does not generate a line. The main reason for its use in the 
generalization procedure is to prevent the user from performing a number of 
unnecessary steps; for example, without GEN, the user may discover several 
steps later that he cannot generalize over a variable as he had intended. 
Furthermore, by introducing a into the proof, the user is prevented from using 
a as a variable of specification in ES (existential specification rule, page 4o), 
which violates the restriction on the latter rule. This GEN announcement is 
one method used to reduce the amount of irrelevant work and at the same time 
emphasizes the care needed in introducing new variables. 

After the user has constructed the matrix of the desired universally 

quantified formula, he types the command 

<line a> 1/1 : < Q!> 

where <Line a> refers to the line containing ty. This line must occur after the 
last GEN and the <a> must be the last variable of generalization specified. 

Thus the new line is formed. A simple example of GEN-UG is given in Figure 10. 



Insert Figure 10 about here 



Note that GEN serves as a delimiter so that if the user types an improper UG 
command an appropriate error message is given. 
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3 . Primitive Rules of Inference 

Modus Fonendo Fonens (AA) . By the classical rule of modus ponens r 
symbolic sentence cp may be inferred from the symbolic sentence -> cp and 
If a derivation consists of lines 

(1) P -»Q 

(2) F 

then, the command 1.2AA generates the new lines (3) Q- The mneumonic AA 
stands for tf affirm the antecedent, 1 * which suggests the semantical analysis of 
the rule. 

The AA command is processed in the same manner as a derived rule of 
inference. This procedure is discussed in detail in the section on derived 
rules of inference (page 4*7ffo). Rules of inference for sentential logic, 
include Form a Conjunct (FC), Form a Disjunct (FD), Double Negation (DN), 
and Deny the Consequent (DC), to name a few familiar ones. 

Rule of Universal Specification (US). The implementation of the three 
rules for quantification theory reflect the standard characterizations of these 
rules. In the following, let a he a variable, P a term, and cp and formulas. 

The principle of specification permits the deduction of some symbolic 
formula from a universal statement VDKp. The rule of universal specification 
US (sometimes referred to as universal instantiation) states that comes from 
cp by PSVAR[p 0! cp] for some term p. The term of instantiation is p. 

The intuitive content of this rule may be expressed in the slogan "what 
is true of everything is true of any given thing ." The only restriction on P 
is that it can be properly substituted for the indicated universal quantification 
variable. The procedure for carrying out the rule must also ensure that the 
computed type for P is consistent with that for a. The command format for US is 

<Line number> US 
<a> : : <p> 

where the line reference must contain a universal statement. The interpreter 
types the variable of generalization Oi found on the line and then a double 
colon to request the user enter p. The new line is where v — PSVAR[p Of cp] . 

A simple example of this command is: 
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(l) VX(FX->3 x(g(x,y))) 

1 US 

X::Z (2) F (z)-»3 X(G(X, Y) ) 

Rule of Existential Generalization (EG) . The rule of existential generalization 
(EG) permits an inference from some expression ♦ to an existentially quantified 
statement 3a cp, where, for some term P, P contained In If, If = PSVAR[a p cp] 

The formula i|r may contain more than one occurrence of P and it may not he 
the case that the user wants to generalize over all such occurrences. In 
typing the command, the user must specify a sequence of occurrence references 

for each occurrence of a p in v that is to he considered. 

In order to apply this generalization process FREEfpty OCC] must equal T for 
each referenced occurrence OCC of p. Moreover, a cannot occur free in *(FREEAN WHERE 
M = nil). Otherwise, in substituting a for P in t to obtain cp and in forming 
the existential statement 3acp, i will not he obtainable by PSVARlp a cp] . 

The format for the EG command is 

Cline number > EG <sequence of occurrence reference s> 

<q> : <g> 

The user states on which line to find the * and specifies each occurrence of p 
to be considered in the generalization procedure. The program then requests 
the user to type the variable of generalization a followed by a colon followed 

by the term p. For example: 

(l) G(X,Y) -» F Y 

1 EG 1.2 

:: Z;Y (2) 3Z(G(X,Z) -»F(Z)) 

1 EG 1 

;; Z:Y (3) 3Z(G(X,Z) -»F(Y)) 

but the request 

1 EG 1.2 

:: X:Y could not be carried out since this would generate the 
expression 3X(G(X~X) ->F(X)) in which the second occurrence of X is no longer 
free. Consequently, substituting Y for X in this expression does not yield the 

original formula of line 1. 
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Rule of Existential Specification (ES) . In order to infer that what is 
true of something is true of a particular thing, the user calls on the rule 
of existential specification (or instantiation) ES. This rule lets us deduce 
from the existential statement 3 Cd cp the formula ty, where = PSVAR[ {3 Q?Sp] f or 
some variable p. Since it is possible to generate fallacies in identifying 
variables, a restriction is placed on the variable £: P must be new to the 

derivation; it must not have occurred in any previous line. (This includes 
nonantecedent lines and is somewhat overly cautious.) Included in the meaning 
of "occurred in anjr previous line" is the restriction that the user must not 
have stated an intent to universally generalize over p. Like the US rule, the 
interpreter must ensure that the computed type for P is consistent with that 

for a. The command format for ES is 

<line number> ES 
<a> : : <p> 

where the line referenced must contain an existential statement. The program 
-types the variable of generalization a on the next line and requests the 
user type p. If p has occurred in any previous line, an error message is 
printed. Otherwise, t is computed from cp by PSVAR[pq^]. 

An example of the command sequence is: 





(1) 


3Y(F Y -> 


G X) 




(2) 


3y(g y) 






(5) 


G X 




2 ES 








Y:^Z 


(4) 


G Z 


(Z does not occur in lines 1, 2, or 3 


2 ES 








Y: :X 






(The error message tells where X was 








first encountered.) 



X CANNOT BE USED AS A VARIABLE OF INSTANTIATION. 
YOU ALREADY KNOW SOMETHING ABOUT X. 

X IS ALREADY MENTIONED IN LINE 1. 
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The Logic of Identity ( IDC and IDS). Two new primitive rules of inference 
needed to obtain a formulation of the first-order predicate calculus with 
identity . (These rules occur in Kalish and Montague, 1864, p. 220.) No 
attempt is made here to justify the choice of these two primitive rules from 
among the several possible ones other than to demonstrate that, with these two 
rules at our disposal, the interchange laws (RE and RQ), the law of symmetry 
(CE), the law of reflexivity (LT) and the transitivity of identity (TR) are 
derivable as rules of inference. Of these five rules, only RE and RQ are 
described in detail. Use of CE as a rule of inference should be clear from 
the discussion on derived rules of inference and the property lists given in 

Appendix II. 

The rules have been named IDC and IDS, with the ’ ID* part standing for 
•identity*. As shown below, the command format for the first rule, IDC, is 
similar to that for EG and represents a form of condit ionalizing for identity. 
Likewise, IDS is a form of specification where the term of instantiation is 
already specified within the formula itself. 

The command format for IDC is: 

<line number> IDC <sequence of occurrence reference s> 

: : <££> : <g> 

where <line number> points to the formula *. In order to apply this rule for 
each occurrence reference OCC, FREE[ £ * QCC] must equal T. The user specifies 
the variable of generalization a and the term p such that a is not contained 
in p. Then cp is derived from ♦ by replacing each referenced free occurrence 
of p by the variable a. Since t must be obtainable by PSVAR[£ 0i cp] , the rule 

can be used only if a does not occur free anywhere in 

IDC permits the following possible sequence of lines to occur as part of 

a possible derivation. 

p (l) F(A) premise 

P (2) X=X premise 

1 IDC 1 

-. : B: A (5) VB(B=A -* F(B) ) 

2 IDC 2 

Z:X (k) VZ(Z=X ^X=Z) 

The co mma nd format for IDS is 

m <-,<line a> IDS 

4 & 
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where <line a> points to a formula of the f orm Vc;(q:=( 3 ->cp) . The new line 
generated is where comes from qp by proper substitution of (3 for a. 
Figures 11, 12, and 13 establish that the interpreter, with IDS and IDC as 
primitive rules of inference, captures first-order logic with identity. 



Insert Figures 11, 12, 13 about here 



The proof of the law of reflexivity (V X(X=X)) is shown in Figure 11. If this 
law is named as a theorem, say LT, then it may be used to prove CE, the 
symmetry law (Figure 12). And that identity obeys the transitivity law, TR, 
is proved in Figure 13* The three formulas (LT, CE, and TR) are the first- 
order axioms sometimes taken as definitive of identity. 

Replace Equals Rule (RE). It can be shown from the rules of identity that 

X = Y-*(F(X) = F( Y) ) 

where F is any 1- place operation symbol (see Figure 14). This is Euclid’s 



Insert Figure 14 about here 



postulate that corresponds to saying, if equals are substituted for equals, 
the result is equal. As a derived rule of inference, we named this pattern RE. 

Let a, (3 be terms, and let cp be a well-formed formula of the theory. Let 
line 1 of a derivation contain the formula 9, and let line 2 have a formula 
of the form a=(3. Then the replace equals rule (RE) says that if there is an 
occurrence of a in cp then (a new line of the derivation) is obtainable from 
cp by replacing the occurrence of a by (3. 

For example, if the derivation has lines 

(1) C + (0 + A) = A + C 

(2) 0 + A = A + 0 

then, by the RE rule, where a = 0+A, replacing a by p = A+0 generates the 
new line: C + (A + 0) = A + C. 

Suppose there is more than one occurrence of a in cp. Lr c n = the number 
of such occurrences and 1 < k < n. The kth occurrence of a in cp is determined 
by scanning cp from left to right searching for exact pattern matches with a, 
and counting until the kth such pattern match is found. Then the general RE 
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Fig. 11. Reflexivity of identity. 
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Fig. 12. Law of symmetry for identity. 
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Figo 14. Euclid* s Postulate. We first prove Leibniz* 

Indiscernability of Identicals and give it the 
name LEIBNIZ, A form of LEIBNIZ can he taken as 
definitive of identity within second-order logic. 

The second derivation is a proof of Euclid* s 
Postulate. THA is tho ref lexitivity of the identity. 
Note the use of the PS procedure* 



44 



51 



rule says that t is obtainable from cp by replacing the kth occurrence of a in 
cp by p. 

The format for the RE rule is 

Cline a> . <line b> RE Occurrence reference> 

In other words, dine b> must refer to a line on which there is an identity 
formula, and dine a> must have at least k occurrences of the left-hand side 
of this identity formula. Then the kth occurrence, K car. be replaced by the 
right-hand side of the identity only if (a) FREE[a cp K] = T; and (b) FEEK[P PSVAE 
[p a cp] = T. This, of course, amounts to PSVAR[p a dine a>] . 

In the first example, Coccurrence reference> = 1. The command is 1.2RE1 . 

As another example, let the two lines of a derivation be: 

(2) A+ (B+C) - (A + (B + C) ) + 0 

(4) A + (B+C) = 6. 

Then, 2.4RE2 generates the new line: (5) A+(B+C) =6 + 0. If the command 

had been 2.4RE5 (if Coccurrence reference> >2), then the rule would not apply 

and an error message would l>e typed. 

Replace Equivalents Rule (RQ.) • The replace equivalents rule, RQ, the 
second of the interchange rules, is similar to RE. Let line 1 of a derivation 
contain the formula ty, and let line 2 have the formula of the form cp IFF cp* . 

The RQ rule may be described as follows: if there is an occurrence of cp in 

then t 1 ( a new line) may be inferred from i by replacing the occurrence of cp 
by cp’ . Furthermore, like RE, the RQ rule must consider which occurrence of cp 

to replace. The format for the RQ rules is: 

dine a> . dine b> RQ, Coccurrence reference^ 

For example , 

(1) (VX F X & 3Y G Y) -> VX F X 

(2) (VX F X) IFF (VY F Y) 

1.2RQ2 

(5) (VX F X & 3Y G Y) -» VY F Y 

The second line referenced must contain a material bi- conditional, otherwise 
an error message is printed. 

4 .■ General ized Interchange Rules 

The interpreter accepts special commands as shortcuts for using an axiom 
or theorem if that axiom or theorem is of the form a = P or cp IFi t . The 
interpretation is based on the RE and RQ rules. The format for all such short 
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forms is: 



<line number> <name of axiom or established theorem> Occurrence reference> 
Suppose a derivation in elementary algebra contains the line: 

(I) A+B = A+((-C) + (B + C)) 

Frequently in proof constructions requiring pattern manipulations, the student 
may want to alter a term or a formula contained in a line of the derivation. 

In the example above, he may want to replace the occurrence of the term 
(-C) + (B + C) with the term (B + C) + (-C). This requires an application of the 
CA axiom: A+B = B+A, followed by the RE rule. The steps of the derivation 

would be : 

CA A + B = B + A 
A: :j-C 

B: : B+C ( 2 ) (-C)+(B+C) = (B +C) + (-C) 

1.2BE1 (3) A+B = A+((B + C) + (-C)) 

The shortcut method for obtaining the formula on line 3 is to use the 
command: 1CA3 « Since the command name is an axiom of established theorem, and 

since the formula associated with the name is either an identity or a material 
biconditional, the program automatically carries out the two-step procedure 
shown above. Note that the program, not the user, determines the substitution 
sequence 5 for obtaining the proper instantiation of the axiom CA. 

To illustrate the procedure further, and especially to show why the 
occurrence reference is 3j consider - again line (l) above. There are four 
different possible applications of the CA axiom, i.e., instances of the left- 
hand side of the pattern for CA. Scanning left to right, they are 

1. A + B = B + A 

2. A + ( ( -C) + ( B +C) ) = ((-C) + (B+C)) +A 

3- ( -C) + ( B + C) = (B+C)+(-C) 

k. B+C = C + B 

Since line 2 of the example corresponds to application 3* the occurrence number 
must be 3* 

In summary, this shortcut use of axioms and theorems is always permitted 
if the formula associated with the axiom or theorem is of the form ot= p or 
cpIFF^. In using the shortcut, the student must, of course, determine the 
correct occurrence reference. 
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5 . Derived Rules of Inference 

Methods have been provided for specifying the formal system. Axioms 
when specified, and lemmas and theorems when proved, are automatically entered 
into the co mm and language with instantiation procedures and with shortcut 
applications (as explained in Section 4). An even more flexible framework 
is achieved by providing a means for deriving new rules of inference — the 
so-called "derived rules." 



To every theorem of logic there is a corresponding derived rule which is 
indispensible from the standpoint of decreasing the number of steps necessary 
for a proof or derivation. The use of a derived rule is effectively an 
iteration of proper substitution, application of the rules to form a conjunction 
(PC) and affirm the antecedent (AA). The instructional program contains two 
algorithms for deriving new rules: one for theorems of the form cp-*t, and the 

other for theorems and axioms of the form Q !=P and cp IFF \|r. 

The second kind of derived rule is merely a commuted form of the shortcut 
commands we presented in Section 4. Here, instead of replacing an instance 
of Q! by P (or cp by i), the program searches for the proper occurrence of P 
(or i) and replaces it with the corresponding instance of a (or <P) • As an 
example, t ak e the associate axiom AS for an additive group: (A+B)+ C = A + (B + C) 

The shortform is usually called AR (associate right). A new rule, AL (associate 
left) is obtained by requesting a derived rule of inference based on AS. 
Associating left means to replace the instance of the schema (+$A$(+$B$ #C$) ) 

by the corresponding instance of ( + (+ ioPtfo $B$)^C$). Observe the derivation. 
DERIVE 4 + (3+2) = (4 + 2) + 3 



AS 
A. :4 
B: :3 
C: :2 
1AR1 
2CA4 
3AL2 



( A + B) + C = A + (B +C) 



(1) (4 +3) +2 = 4 + (3 +2) 

(2) 4 + (3 +2) = 4 + (3 + 2) 

(3) 4 + (3 +2) = 4 + (2 +3) 

(4) 4 + (3 + 2) = (4 + 2) + 3 
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To process the rule, the program computes the information 



PREMISE ((+ %A%(+ lolf/o ioCio) ) ) 
CONCL ( + (+ ioP$ $B$) %C$>) 



NOP 



1 



OCCUR 



1 



These at tribute -value pairs are stored on the property list of AL. 

In the first type of derived rule, the pattern of the theorem is transformed 
into a conditional statement P such that the consequent is not a conditional. 

Then the premises, i.e., the patterns of the conjunct of the antecedent of P, 
are patterns for the lines which the rule must reference. The number of line 
references is the number of conjuncts. The result of using the rule of 
inference is the proper instance of the pattern of the consequent of P. The 
algorithm for obtaining P is as follows. 

Let the theorem be of the form $cp where S is a string of universal 
quantifiers with their variables, namely, of the form Vct'^, . . . ,Vc^ n where each 
Oh , i=l, . . . , n, is an individual variable; cp is a conditional statement. Then 
a rule is derived from the (closure of the) theorem by the following algorithm: 

1 . cp'* is obtained from 9 by iterated proper substitution of 
Ci t by ioOL^/o in 9 , for i=l, . . .,n. 

2 . 9 - f 1 is obtained from 9 * by replacing each occurrence of a 
predicate letter by its dummy. By this replacement process, 
the predicates are recognizable as substitutable elements of 
the expression. 

3. q> f * is now a pattern for the theorem. Any symbols not 
replaced by dummies are constants that must appear in the 
lines referenced in the rule command. 

4. 9 1 1 is in the form A— where ^ itself may be a conditional. 

In order to compute at tribute -value pairs used in processing 
the rule, 9 * 1 must be in the form of a conditional whose 
consequent is not a conditional statement. 



By repeated application of the Deduction Theorem (Mendelson, 
1964, p. 6 l), if h rj -> (£->§) then (rj &g) -> 6 , 9 -’ *, is 
transformed into the desired form, OI— »(3, where P is not a 
conditional. 
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5 . Let N denote the name of the new rule. Then P is placed 
on the property list of N under the attribute name CONCL. 

6. The list of premises is formed from the conjunct s of the 
antecedent a. The premises are placed on N- s property 
list under the attribute PREMISE . Each element of the 
list is a pattern which, in processing the rule, will be 
matched with a line in the derivation ("Matched" in the 
sense of determining how to instantiate the pattern in 
order to obtain the line.) 

7. NOP is the number of cor.juncts (or the length) of the 
PREMISE list. It is, specifically, the number of 
reference lines which will be expected in the command. 

The command format is: 

<s equence of NOP line nuru'oers> <rule name> 

Each line n umb er refers to a line of the derivation that must match a 
corresponding pattern on the PREMISE list. There are, of course, NOP of these 
("match." here means "is an instance of"). The sequence of line references 
must be ordered with respect to the order of the elements on the PREMISE list. 

In s .imma ry, the theor em is transformed into a conditional statement such 
that the consequent is not a conditional. Then three attributes are placed on 
the property list associated with the rule name: 

PREMISE <List of the conjunct s of the antecedent 
in their dummy PATTERN notation> 

NOP <the number of conjunct s> 

CONCL <the consequent in its dummy PATTERN notation> 

Two examples are offered in order to illus J rate the derived rule procedure. 
NAME: EC 

Form a conjunction is a rule of logic that lets us combine two lines of a 
derivation or proof into a conjunction. Given the formulas P and Q, we can 
infer the expression (P&Q). The theorem is P -* (P & Q.) ) • The first premise 

is P. The consequent of this theorem, a conditional statement, is replaced by 
its consequent P& Q anc> Q becomes the second premise of the derived rule 
pattern. Now the consequent is not a conditional and is stored as the conclusion 
(CONCL). Or, the property list of FC, where #P# and are dummy names for the 



formulas P and Q, respect ively, we store: 

PREMISE (folia %Qi <fo) 

NOP 2 

CONCL (& 

Now, if a derivation has lines 

(1) A = B 

(2) A + B = C 

then the cn niman d 1.2FC generates the line ( A = B) & (A + B=C). The command has 
the correct number of line references and n^ occurrence numbers, which is 
characteristic of all rules of this nature. The new line is obtained by 
forming a conjunction with the lines 1, 2 as the conjunct s. 

The second example is the rule AA which, as was mentioned earlier, is 
processed the same as the derived rule of inference although it _is a primitive 
rule in the system . The theorem is (f P — » R) & P) — » R. By the above algorithm, 
the computed attributes are: 

PREMISE ( (-» foPf, $P$) 

NOP 2 

CONCL 

Commands that call for the application of a rule of inference are executed 
by a matching process that attempts to determine whether each line referenced in 
the command is an instance of a corresponding dummy pattern on the PREMISE list . 
For each line referenced, a routine initially receives the formula on that line T 
the corresponding dummy pattern from the PREMISE list, and the message (LINE 
<line number>) . By recursive calls, with the element s of each expression as 
arguments, i . e . , the lists or atoms within the expression lists (T^'Vl), the 
routine builds a message that is the name of the location of the T^ in the initial 
formula. The routine examines the atomic element (variable or predicate), or 
the first element (main connective of a term or a formula) of the list if it is 
nonatomic, .in order to form a sequence of substitutions by which the referenced 
lines of the aorivation may be obtained from the premises. Once this sequence 
as computed, the corresponding instance of the conclusion pattern (CONCL) is 
generated as a new line of the derivation. 

For example, if the derivation contains lines: 
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(1) A = B -» B = C 

(2) A = B 
(5) B=A 



and the user types 



1.2AA 



then the interr r will call on the checking or matching routine with the first 
premise in the PREMISE list associated with AA and the formula on the first line 

referenced* Below is Sl "trace of "tliis procedure* 

1. T: Jfe*) V: (-» ( =A B)( =B C)) M: (LINE l) 

At this point, the main connective of T, the pattern of the 
first premise, is the same as V, the line of the derivation. 

M describes V. 

rfp* VI: ( = A B) Ml: (ANTECEDENT OF 

' ^ ' LINE 1) 

is paired with ( = A B) and Ml. 

T2 : #1$ V2: ( = B C) 

is paired with ( = B C) and the message M2. 

Saving the above two pairs, the program continues the process with 
the second premise and references the formula on the second line. 
k. T3: V3: ( = A B) M3: (LINE 2) 



2 . 



3- 



M2: (CONSEQUENT OF 
LINE 2) 



was already paired with ( = A B) which is identical with V3> so no 
inconsistent pairing has been located. There are no more line references. By 
substituting into the value of CONCL with respect to the substitution pairs 
determined in 1-4, the new line: (B= C) is generated. 

The command 1.3AA is processed as above except, in 3> V3‘ is ( = B A) . 

Since this is not identical with the '^alue already paired with an error 

message is formed from Ml and M3: 

LINE 2 MUST BE THE ANTECEDENT OF LINE 1. 

The derivation in Figure 15 demonstrates other message types. The teaching 
sequence that we can provide for all derived rules of inference, using the same 
matching routine traced above, show explicitly how messages are recursively 
computed. 




Insert Figure 15 about here 
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Fig. 15* Reaching the command language. 



Several other attributes may 



Optional Attributes for Derived Rules, 
optionally appear on the property list of a rule. As yet, they are not entered 
via the above algorithm, but rather by direct editing of the property list. 

They are: 

1. REQ and TYPE . A rule may require the student to enter a 
particular type of well-formed term (or formula). If a. 
new rule is derived from an expression containing a free 
variable (or predicate), the free variable (or predicate) 
can be replaced by a well-formed term (or formula). (The 
inclusion of bound predicates, of course, transcends first- 
order logic.) An example is the Add Equals rule (AE), which 
may be obtained from the open formula: 

VA VB ( A = B -* A + C = B +C) . 

The property list of AE contains 
PREMISE ( ( = #A# #B$)) 

NOP 1 

REQ T (for ’term 1 ) 

TYPE ALGEBRA 

CONCL ( = ( + $A$ REQ) ( + $B$ REQ) ) . 

2. OR. The main connective of the single premise of AE can also be 
one of the inequality signs. The options, >, <, and =, are 
specified by listing each premise on a PREMISE list that 
begins with the atom OR. CONOL must be a list of patterns 
corresponding to each optional set of premises. Whichever 

set matches the referenced lines generates the desired 
substitution list. For AE the change is: 

PREMISE ( ( OR ( ( = #A$ $E$) ) ( ( < #B$) ) ( ( > $A$ $B $>) ) ) 

CONCL (( = ( + REQ)(+ REQ))( < ( + #A $ REQ)( + REQ)) 
( > ( + J&A $ REQ) ( + #B# REQ) ) ) . 

Observe the error message and the teaching sequence for the 
LB rule in Figure 15 for a sample of how the OH option affects 
the analysis routines. 




GO 
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3. $$$. As long as the only difference between sets of 

premises is the main connective, the special character 
'fyfyjo in a premise indicates the optional list of main 
connectives. Then 14$> is stored on the property list 
as the attribute whose value is the list of main 
connectives. Again, observe the handling of the AE rule 






in Figure 15 • 

PREMISE ( {$14 M loSfo)) 

W* ( = > < ) 

CONCL ( + $A# REQ)( + $E $ REQ) ) 

RESTRICT. This attribute is used when special restrictions 
on the use of a rule must be specified. The value of 
RESTRICT is an executable LISP S-expression. As an 
example, take the Divide Equals rule (DE) in which the 
user may not divide by zero. The property list of DE 
might be : 

PREMISE ((= #A# %E$)) 

NOP 1 

REQ T 

TYPE ALGEBRA 

CONCL ( -' ( / REQ) ( / $B $ REQ) ) 

RESTRICT (COND ((EQ REQ 0)(ERR (QUOTE "YOU MAY NOT 

DIVIDE BY ZERO"));) 



(TT)) 

Note that if the main connective were changed to $$$ so as 
to include the inequalities RESTRICT would have to be 
extended to account for negative values of REQ. 



How to Specify New Rules of Inference . Derived rules of inference whose 
property lists require only a list of PREMISES (no options) and a CONCL are 
easily generated by the interpreter. The user, in either STUDENT or TEACHER 
mode s type s 

RULE 
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The program first requests 

NAME : <name of the new rule> , then 

FROM: <axiom or theorem from which to derive the rule>. 
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The name cannot he a reserved name, i.e., one of the procedure names or a 
primitive rule of inference. It must he an alphabetic string of characters 
with arbitrary length greater than one. The axiom or the theorem referenced 
must be a (possibly quantified) conditional statement, an identity statement, 
or a hi-conditional as described above. After che derivation of the rule is 
completed, the program will type »0K' . In what follows, let 8 be a string of 
universal quantifiers with the corresponding variables of generalization. 
Algorithmically what takes place is the following. 

1. Determine if the user is allowed to reference the axiom 
or theorem. In TEACHER mode, this only requires checking 
to see whether the axiom or theorem exists. In STUDE1TT 
mode, as defined later, it requires seeing whether the 
student actually knows the axiom or the theorem* 

2. Let cp be the value of CLOSED. Is the main connective 
of the matrix of cp an identity or a bi- conditional 
statement? If neither, go to step 4. 

3 . C ommand s of the form <lineXnameXoccurrence> are automatically 
generated for axioms and theorems with matrices of the form 
&=£> anri fp IFF. i|r. Procedure completed. 

4. If the matrix of cp is not a conditional, no lule can 
be derived. Procedure completed with an error message. 

5. Otherwise, carry out the procedure outlined on page 48 

for deriving rules of inference. 

v 

Figure 16 is the second in the series of dialogues that began with Figure 3- 
Here, the teacher adds the axioms, two theorems, and some of the rules to be 
used in constructing derivations of expressions of eilementary algebra. Figure 17 
lists the properties of these newly specified axioms and theorems. It ends with 
two derivations for the same formula, one using the specified theorem and one 
using the rule derived from that theorem. A complete list of derived rules of 
inference for the sentential calculus is given in Appendix II. 



Insert Figures 1 6 and 17 about here 
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•(START) 

WHO AHE YOU (TYPE S OR T)? 

PLEASE TYFE YOUR NUMBER. 

Do'yOU want 10 CREATE OR ALTER A THEORY? < TYFE C OR A) 

* AS 

THEORY NAME? 

* EXS 



^N* SETTING UP A FIRM-ORDER THEORY YOU MUST SPECIFY 
THE VOCABULARY AND THE AXIOMS. THEN YOU CAN CH °OSE 
A SET OF WELL-FORKED FORMULAS AS THEOREMS. A.ND DERIVE 
NEW RULES OF INFERENCE FROM THESE THfcOHFMS. THE 
COMMANDS ARE* VOCAP. A.UOM. THEOREK. AND RULE. TIFF 
MN WHEN YOU ARE TWROUCH. 



i* AXIOMS 
MAM El *AXAS 

VFFl *'B(X.Y.X) >-»<X-Y>* 

t *AA<A>XI0MS 
NAHEe * AXBS 

WFFl *b(X.Y.£) -» FtX.tf.)')* 

X* AXIOMS 
NAM Et • AXCS 

WFFt *<BCX.Y.W) A Pty.Z.W)) -» P(X.Y.7.)f 



:*AXIOMS 
NAME) * AFDS 

WFFt *<MX.Y.7) OH B(Y.Z.X>) UR IK/.X.YIf 
**AXIOMS 

NAME! * AXES „ • 

WFKt *<<<NOT <Y-Z>) * B<X.Y.X)> A PCY.X.V)) 



PCX.*.*)* 



t * THEOREMS 

THEOREM NUMBER t *1? 

UFFt *PfX.YY.<iY>.7) 



-» < (R< Y-y. t, >>-> (V-Y5IS 



t * RULES 
NMU *SPS 
FhOMt * TH I S 



t*FINS 

1 



Fig. 1 6 . Specifying axioms. 
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6. Miscellaneous Commands 

Five mneumonics are reserved as special commands of the command language. 
Each will he mentioned, although not always elaborated on. The description of 
the instructional program will be completed with a section on defining problems. 

Enter a Line (ENT) . This rule should usually not be available to a student. 
Like WP, ENT expects the user to type a well-formed formula. Unlike WP, nothing 
is being asserted. No proof procedure is beginning sc, no procedure must be 
closed. If the line typed is the problem expression itself, then the program 
thinks the problem is solved. 

While the ENT 1 rule may be used to type in expressions to determine whether 
they are well formed, it usually is used to debug the curriculum without 
constructing an entire proof, or to quickly finish a problem that has given the 
user too much trouble. By requesting this problem at another time, he can 
retry it when he feels better prepared to do so. At line n., the format is 

ENT (n.) <well -formed formula> 

Delete the Last Line (DLL) . The user conceivably could request a working 
premise or a GEN to indicate the beginning of a derivation procedure and then 
could decide, any number of lines later, that the strategy he chose was 
incorrect <» By the rules of construction, however, he either must close off 
the procedure or delete the command that denoted tie beginning. The delete-the- 
last-lixxe rule (DLL) lets the user delete the last line from consideration. 
Another use for DLL is to delete a sequence of irrelevant lines that are only 
confusing the user 1 s perception of the problem. 

DLL alone permits the deletion of the last line of the derivation or proof. 
If the last line is a working premise, then the line is removed as a conditional 
premise. If a GEN request occurs after the last line, then that request is 
eliminated. 

The format is Cline number> DLL 

The DLL rule lets the user delete more than one line at a time. All the lines 
of the derivation or proof, beginning with dine number>, are deleted. If the 
derivation already has n lines and the command given is j DLL where j < n, 
then the lines J,j+1, --.,n are deleted. The derivation under consideration is 
now j-1 lines long. The only restriction on this rule is that no premise 
entered as part of the statement of the problem can be deleted. 
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INIT . The INI command, if permitted by the curriculum writer for the DERIVE 
or FFOVE problem being presented, defers solution of the problem until the 
student decides he is ready to cont inue * By typing INIT, the student announces 
his desire for the initiative to request his own DER IVE or PROVE problems, or 
to derive a new RULE of inference (see page TO on defining problems) . 

When the student types the usual terminating command, FIN , the system 
returns to the problem originally interrupted. The problem is presented anew. 

If the student, while he had the initiative, specified lemmas or rules, he could 
now use them to solve his current and future problems. Appendix IV, problem 

5, contains an example of the INIT command. 

7 . Interfacing Mechanical Theorem Prove rs to the Instruct ional System 

SHOW * The instructional system under discussion was designed primarily 
for teaching the construction of derivations and proofs. The system 1 s command 
language leaves most of the typing of newly generated lines to the computer 
and relieves some of the tediousnesr-; In the student 1 s work. Supposedly, this 
only leaves him with the task of 'thinking out the stages of the proof. But 
trivia is also tedious. No mathematician, when constructing a complex proof, 
relishes trifling with the laws of commutativity, or simple term eliminations, 
i.e., obtaining those results normally introduced by 1 obviously 1 or Clearly 1 
in mathematical discourse. As students of mathematics are introduced to more 
intricate problems., they too tend to produce less rigorous proofs, yet ones 
clearly valid to the trained eye. We would like to emulate this behavior--to 
provide some mechanism by which a student can say to the computer "This line is 
obviously a valid inference from the work which I have already done, an I from 
instances of such and such axioms and theorems." 

We simulate the ability of the 1 trained eye 1 by giving the student access 
to a SHOW command by which he communicates with a mechanical theorem- prover. 

The theorem-prover decides whether a new desired line is in fact a trivial 
deduction from the set of formulas cited. Before revealing how the simulation 
was carried out and whether our initial results seem promising, we offer an 
illustration. 

In the proof in Figure l8, B is a three-place predicate denoting 11 betweenness. 



Insert Figure 7.3 about here 
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C U ((NOT Y • Z>* B<X#'.-‘*>>* B(Y*Z*V> 

C2> B(Y#Z«V> 

B(X#YiZ)->B(2;jYiX) 
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t*lRC 

t*AXB 
Xt t*Y 
Y1 **Z 
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<*3*&AA <4) 
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from lines of the derivation? 

FR cm" AXIOMS OR THEOREMS? 

II*AXB B(X*Y* Z> -> BCZjY.'X) 
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• • 







Fig. 18 . A proof using the SHOW command. 
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where B(X,Y,Z) states that point Y stands between points X and Z on the straight 
line they define. The axioms were listed earlier ^page 22). The problem 
rendered below was given to a number of college students. Those who solved it 
came up with proofs ranging somewhere between kO and 70 lines. One student 
discovered a 17-line solution that was shortened to 10 by using a SHOW command 
to skip trivial sequences and commands for forming and separating conjunctions. 

The student makes the claim that line 5 is a trivial deduction from lines 
1 and 4, and from a particular instance of axiom AXB. The theorem- prover 
decides the claim is justified, and the new line is accepted. The fact that 
the formula on line 5 might not be proved by the theorem- prover does not 
necessarily imply that it is not derivable. It only suggests that the formula 
does not answer our criterion for triviality. Note that the student, not the 
theorem- prover, is required to specify the proper substitution sequence for the 
axiom. Contrary to the usua_ aims of development and use of mechanical theorem- 
provers, the prover does not have to perform complex analyses. That is left 
to the student. While the theorem- prover is used only to remove trivial 
manipulations, the determination of proper instantiation often is not trivial. 

For the SHOW routine, the instructional system was connected to a theorem- 
prover based upon the Resolution Principle [Robinson, 1965 and J. Allen & D. 
Luckman, 1970] , a refutation scheme by which a statement is proved true by 
showing that the conjuction of its negation wixh all known true statements 
in the logical system at hand is inconsistent. Successful interface of the 
prover with the instructional system requires computation of the set oi clauses 
on which the theorem- prover performs its resolutions. In order to compute uhese 
clauses, the program must form the Skolem transformation of each line of the 
derivation and of each instance of an axiom or theorem which the student claims 
should be considered by the prover in its deduction process. Computation of the 
Skolem transformation requires obtaining the prenex normal form of the formula 
by a routine that is also used in determining the closure for a formula. 

(Appendix I contains an algorithm for computing the Skolem transformation of a 
formula.) The set of clauses for the above problem is exhibited in Figure 19 
as axioms 1-5, the negation of the problem statement as axiom 6, and the solution 
is given as the tree of resolvants. 



O 
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Axioms 



1. nE(Y,Z) 

2. B(X,Y,Z) 

3. B(Y,Z,W) 

4. B(W,Z,Y) 

5. -,B(X,Y,Z) B(Z,Y,X) 

6. E(Z,Y) ->B(W,Z,Y) -,B(Z,Y,X) 



Resolution Tree 




Fig. 19 * Proof* “based on the Resolution Princ iple . 



Although theoretically one might expect this approach to the SHOW command 
to work, numerous difficulties were encountered in experimental endeavors. 

Some difficulties are apparently due to the interactive nature of the theoiem- 
prover used and to the strategies required to improve the efficiency of the 
search for a proof [Luckham, 1970]* For the most part, published results seem 
to indicate a high dependency on the part of the program for human intervention 
in order to add new clauses (lemmas) or to change the set of strategies. This 
need for intervention, while often suitable for research, is not acceptable for 
teaching purposes. The stumbling block seems to be the determination of those 
settings of the search- strategies which will, in fact, permit a solution to be 
found within the time and space constraints. There is no obvious way, either 
from the structure of the expression, or from some interpretation of it, to 
determine which strategies to use. Since the student should not be required 
to interact with the theorem- prover, one set of strategies anticipating the 
kinds of problems the students will think of must be used for a given group of 
problems. The problem given in Figure l8 was not solvable by the theorem- prover . 
Apparently the program got confused because the search- space consisted entirely 
of ground clauses. Trouble also arose with theequality strategy ( paramodulation) 
which would not substitute a constant for a constant/ As a result, many simple 
problems in group theory were not solvable- It would seem that, to implement 
a satisfactory SHOW command, the development of new strategies for resolution, 
or of theorem- provers with heuristic devices more closely linked to a particular 
range of problems, would fare better. 

HELP. As mentioned in the introduction to this report, one of the important 
analysis problems faced in an instructional system for teaching the notion of 
mathematical proof is to help the student when he encounters difficulty in 
completing a proof or derivation. If the computer is to simulate the human 
tutor' s ability to show the student how to proceed, the computer must be able 
to analyze and respord to the details of the student's work. It should not 
merely produce prestored answers to anticipated questions, or hints to 
anticipated difficulties. If the computer is to be able to adapt to the 
immediate needs of each student, it must be able to extract information from 
each student' s responses, especially when they are only partial or erroneous, 
so as to initiate a dialogue relevant to what the student has been doing. 
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* This is an error in the program made available to us, not with the paramodulation 
strategy it self • 



70 



6 3 



In order to sustain an informative dialogue, and thereby to realize a 
mechanized tutor, a heuristic theorem- prover was written. Ideally, a theorem- 
prover knows how tc do the proofs the students are required to do. The 
theorem- prover can find solutions to problems that have premises. If one 
assumes that the lines the student has already requested are premise lines, 
then the theorem- prover can take them into account when it tries to discover a 
derivation. In this manner, the computer tutor is able to deduce what the 
student has already done in terms of what lines of his work can actually enter 
into a complete derivation. Using the information obtained by the theorem- prover , 
the computer can initiate a dialogue that will direct the student towards a 
successful solution of the problem. 

To test this idea, a heuristically-based theorem- prover was written i^hat 
solves problems of an Abelian group. The theorem-prover was interfaced to the 
instructional system via the command HELP . Any time the student feels the 
need for advice on how to continue, he types this command. The theorem-prover 
then attempts to find one or more solutions that take into account lines already 
generated in the derivation. The information so gained is given to a dialogue 
routine that proceeds to tutor the student. The precise details of how the 
theorem-prover operates, especially of how it is able to select several possible 
solution paths, as well as a description of the dialogue itself, will be given 
in a subsequent report [Goldberg] . 

PART IV. DEFINING PROBLEMS 

The basic intent of this instructional program is to provide an interpretive 
system under which a user can explore the notion of mathematical proof. The 
emphasis is on self- exploration, not on the working through of a predetermined, 
linearly organized set of problems. Thus, two forms of curriculum specification 
are described: the syntax for problems that are stored on some peripheral 
device (such as the disk), and the commands the student has available for 
requesting problems at runtime. Recall that the command INIT (page 59 ) gives the 
student the option to interrupt the prestored curriculum on which he may be 
working and to switch to the second form of problem specification. 
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1 . Pre specified Curriculum - TEACHER Mode 

The syntax for curriculum stored on a peripheral file is given below. 

There are three types of problems: 

1 . A question that requires as an answer, a string of 
characters representing a letter, word, or number j 

2. A derive problem, with a sequence of premises, for 
which the user constructs a derivation^ and 

3* A pro ve problem, i.e., a derive problem with no 

premises, for which the user is required to construct a 
proof. The expression so proved will have a name 
associated with it. The name labels the expression as 
either a theorem or a lennna 0 All theorem names have the 
form TH<positive integer> ,* names for lemmas are strings 
of one or more alphabetic characters. 

The syntax presented is not true in the sense that all possible strings 
that can be generated from the grammar do not have meaning in the interpretive 
system. The acceptable groupings of the commands, including those which are 
optional, follow. Notice that it is necessary to enclose each problem within 
matched pairs of parentheses for the convenience of the LISP input function 
READ. In general, the entire problem, as well as any arguments to a command 
element are delimited by paired parentheses. The exception is COMMENT , which 
requires quotation marks to enclose the actual text to be printed. An 
illustration of problems for elementary algebra is offered in Appendix xll. 
Appendix IV is the interaction of a student presented with these problems. 

Syntax for Problems on the Curriculum File . 

: := [ <problem number>(<problem type> <problem statement> 

<re strict ions> <answer>] 

: := a dec imal number used for sequencing the problems 

: := DERIVE | PROVE | QUESTION | Q 

::= (<well-formed expression>] 

PREMISE (<well-formed formula>) | P (<wff>) 

COMMENT "<text of the comment or quest ion>" | COM 
NAME (<positive integer >) 1 

NAME (<string of alphabetic characters>) | 



<problem> 

<problem number> 
<problem type> 
<problem statements 



72 



65 



<restrictions> 



Cpossible restrictions> 



<ansver> 



Clower bound > 
<upper bound> 



:= RESTRICT (Cpossible restrict ions>) 

:= (YES<list of code name s>) Cpossible restrict ions> | 
(NO<list of code name s>)<pos sidle restrictions> | 
(ADIKaxiom or theorem name>)Cpossible restrictions> [ 
(BLOCK) (possible restrictions) | 

$ 

: := ANS (<string for the exact matc’n>) | ANSWER (<string>) 

RANGE ( Clower hound> <upper hound>) | 

ALIST (<list of possible answers>) | 

PROOF Note: If an answer is more than one 

item long, it is enclosed in 
parentheses in the ALIST. 

: := integer number | NIL 

: := integer number | NIL 



Acceptable Groupings of Problem Commands . 

Question problems 

X. [<humber> (QUESTION COMMENT "the text of the question" 

ANSWER (an atomic answer] 

2. [<humber> (Q COM "the question text" 

RANGE (<Lower bound> <upper bound>] 

5 . [<number> (Q COM "text” ALIST (list of possible answers] 

Note: Q, CCM, and ANS are abbreviations for QUESTION, COMMENT, and 

ANSWER, respectively. In 2., the answer is a number N such 
that <Lower bound> < N < Cupper bourd>. In 3 ., the list of 
answers is (al a 2 (a 2 a^-)), i.e«, a list of atoms and sublists. 



Derive problems 

[<number> 

(DERIVE (Cwell-fomed formula>) 

COMMENT "text of something the teacher may want to say about the problem 
PREMISE (Cwell-formed formula>) 

PREMISE ( Cwell-formed f ormula>) 

RESTRICT ((YES list of rules) (NO list of rules) (ADD name of an axiom, 
rule, or theorem) ( BLOCK) ) 

PROOF] 

Note: COMMENT, RESTRICT, and PREMISES are optional. Any number of 

premises, including none, may be included. 
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Prove problems 

[<number> 

(PROVE (<well-f ormed formula>) 

NAME (<positive integer or an alphabetic string of characters?-) 

COM "text 11 RESTRICT ((YES list of rules)(NO list of rules) (BLOCK)) 

PROOF] 

Note: If the name is a positive integer, then the name becomes 

TfKpositive integer?. After the problem is solved, the 
name becomes part of the command language. NAME, COM, and 
RESTRICT are optional. 

The RESTRICT option gives the curriculum writer special control over the 
command language. There are four possible control devices. 

1. In order to add new commands (axiom names, theorems, and 
rules) to a student’s command language, the optional list. 

(ADD <list of one or more names of axioms, rules, or theorems?) 
is included as one of the arguments following the word RESTRICT. 

2 . The writer may not want the student to interrupt the particular 
problem to be presented, i.e., use the INIT command. (Perhaps 
the curriculum is organized so that problems reference one 
another and the writer prefers to have a group of problems 
worked on in succession.) The interruption can be blocked 
with the argument (BLOCK). This option must appear in the 
specification of each derive or prove problem which the 
student may not interrupt. 

3 . The curriculum writer can also take special control over the 
actual solution to the derive or prove problem. He can 
insist that the student use one or more rules. These rules are 
included as an argument list beginning with the word PYES. 

4. Or, he can insist that the student find a solution without 
using certain commands. This is the list beginning with the 
word PNO. The student is allowed to complete a solution 
before the interpreter checks to see if that solution meets 
the restrictions. If a command is incorrectly used, the 
student will be asked to work the problem again. 



"Using a command" should he carefully defined since a student can request 
a command and then, without deleting it, not really have that command enter 
into the generation of the problem formula. The exact protocol of commands 
the student typed does not indicate if the student solved the problem within 
the restrictions set by the curriculum writer. Instead, a computed list of 
"relevant" co mman ds, i.e., commands which materially entered into the generation 
of the problem formula must be examined. The algorithm for computing the list 
of relevant commands is jiven in Figure 20. 



Insert Figure 20 about here 



2 . Commands for Requesting Problems in the STUDENT Mode 

The student requests only the derive and prove problems, not the questions. 
This give him a chance to rework his proof techniques, repeat problems he may 
have had trouble solving, try some easier problems if he feels he is not ready 
for the ones he is being given, or try more challenging ones. Any lemmas he 
proves become part of his command language and are thus available to him for 
later derivations. The syntax for requesting problems is compatible with the 
command language. 

1. To request a derive problem, the student types: 

DERIVE: <well-formed formula> 
p (l) <we 11 -formed formula> 

P (2) <well-formed formula> 



The P co mm and stands for "premise." It is similar to 
entering a formula for a working premise, but this line cannot 
be deleted by the DLL rule. Once the student starts typing 
commands other than P, he can no longer type the P command. 
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Fig. 20. 



Algorithm for computing the solution string— the list 
of commands used in generating the problem formula. 



Not at ionally , the list of commands is saved in an array named (COM x) , 
where i is the line number. (COM i) has the form: 

(<list of line numbers> (command name) <List of occurrence references> 
(<inf ormation following the colon>)) 




/D 
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To request a prove -problem, the student types: 

PROVE: <we 11 -formed formula> 

After the student completes the proof, the program 
will ask him for a 

NAME; Cstring of alphabetic character s> 

The student 1 s response, an alphabetic string, names 
the formula as a lemma which now becomes part of his command 
language . 

3. The student may also derive a new rule of inference if he 
feels it will help' him in constructing new derivations. 

The format is: 

RUIE: <name for the new rule — an alphabetic string> 

FROM: <name of an axiom or theorem in the students s 
command language > 

The same information has been requested here as was requested 
in the TEACHER mode version of deriving a rule of inference 
(page 54) and uhe identical processing algorithm is carried out. 

PART V. SUMMARY OF THE COMMAND LANGUAGE 

The convention is to underline items typed by the user/ all other information 
is typed by the program. Each user command is terminated by ar ALTMODE (Enter Key) 
which appears as a dollar sign ($) . In most cases, the ALTMODE is not shown. 

Note that the aser can type ALTMODE in order to escape from any command sequence. 

In the following, QJ is an individual variable, P a term, and cp, , are 

well-formed formulas (WFF) „ 

Instances of . Axioms and Established Theorems 

1. Proper Substitution of a Term for a Variable,, 

<axiom, lemma, or theorem name> 

<variable>: : Cterm of instantiation> 




Cvariable>: : Cterm of instantiat io n> 

The substitution sequence continues for each universally 
quantified variable (whose scope is the entire formula) of the 
closed formula associated with the axiom, lemma, or theorem. 
Substitution is carried out simultaneously. 
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2. Proper Substitution for Predicate Letters and of Terms for Variables. 
PS : <name of axiom, lemma, or theorem> 

: ; <variable> : <well- formed uerm> 

: : <predicate letter> : 

The substitution sequence continues until the user types the 
ALTMODE key without one of the two possible substitution pairs. 

The substitution procedures are carried out iteratively. 

Proof Procedures 



1. 


WP 


Working Premise 1 




WP 


u) 


<WFP> i 


2. 


CP 


•| 

Conditional Proof I 




WP 


(i) 


i 

9 { 






(j) 


i \f j 




i.^CP 


(n) 


<P -» ♦ 


3- 


IP 


Indirect Proof (reductio ad absurdum) 




WP 


(i) 


2 






( j) 


♦ 






(k) 


NOT i 




i . .1 .kIP 


(n) 


NOT cp 


4. 


Introduce 


a variable of universal generalization 



GEN : <variable> 

OK If the variable does not occur free in any 

antecedent lines, the program types 'OK'; 
otherwise, an error message is given. 
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Universal Generalization 



5. UG 

GEN: a or, 

OK 

(i) cp(a) 

iUG : a (n) Vacp(a:) 

This version of UG need 
only check the last GEN 
introduced. 



alt ernat iveiy : 

(i) q>(a) 

IUG: Q! (n) Vaqj(a) 

This version of UG requires 
checking for oc free in any 
antecedent lines. 



Prim it ive Rules of Inference 

1. AA Affirm the Antecedent ( modus ponens ) 

( i ) cp -» 

(j) 9 

i. ,jAA (n) t 

2. Quantification Eules (and UG above) 

ES Existential Specification 

(i) 3a<p(a) 

iES 

a : : s (n) cp(p) where p must he new to the derivation. 

EG Existential Generalization 

(i) cp(p) ) 

1EG <sequence 'of occurrence numhers> 

q; ; p (n) Bacpl^a) where substitute a for each occurrence 

of P referenced. 

US Universal Specification 

(i) Vacp(a) 

iUS 

a : : P (n) cp(P) 
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3- Logic of Identity IDS and IDC 

(i) cp(P) 

ilDC <sequence of occurrence numbers> 

a : p (m) Va(a=P -» 9(a)) 

m IDS (n) cp(P) 

4 . Interchange Rules RE and RQ 

(i) cp(«) 

(j) o:=p 

i.jRE Occurrence number> 

(n) cp(p) where replace p for the free occurrence 

(o) qp(ty) of OL referenced. 

(p) 

i.jRQ cooccurrence num.be r> 

(q) cp( ^ f ) where replace for the occurrence 

of referenced. 

5 . Generalized Interchange Rules— short forms of axioms and theorems 
<Line number> <axiom, lemma, or theorem name> O ccurrence number> 

Miscellaneous Conmiands 

1 . Delete the last line DLL 

<line number> DLL 

All lines other than premises, beginning with <Line number> 
and continuing to the last line generated, are deleted. If IP and 
CP lines are deleted, the subsidiary derivation is no longer 
considered closed. 

2. Enter a line ENT 

ENT (i) <WFF > 

This command is useful for testing expressions for well- 
formedness or for debugging the curriculum without having to 
do the proofs. 



where substitute Oi for each 
occurrence of P referenced. 
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3 . Use of Mechanical The orem- Prove rs SHOW and HELP 

SHOW is described in Part II, Section 5- 
HELP is explained in Parts III and IV. 

4. Obtain the initiative to request problems at runtime. 

IN IT 



The student can enter any number of 
premise lines, continuing until he 
enters a command different from P 
or DLL. 



NAME: : <alphabet ic st r ing> 

After the proof is completed, the student may assign a 
name to be associated with the WFF . This name becomes 
part of the student's available command language. 

c. Derive a new rule of Inference. 

RUDE: <name of a new rule> 

FROM: : <axiom, lemma, or theorem name> 

The new rule results from the algorithm presented in 
Part III, Section 5- 



a. Derive problems 
DERIVE: <WFF> 

P (l) <WFF> 

p (2) <WFF > 



b . Prove Problems 
PROVE: <WFF> 




Derived Rules of Inference 

The general format for a derived rule of inference is: 

<sequence of NOP line numbers^ "Cname of the rule^* . 

The line numbers refer to lines of the derivation or proof which must match 
the corresponding premises of the rule. The premises are patterns (under 
the name PATTERN) on the property list of each rule listed in Appendix II. 
Note that the logical connectives are written as variable names (e.g., 
"ARROW", "ORSGN"). After the teacher has specified the vocabulary, the 
variables in the rules are replaced by the corresponding logical constants. 
The RESTRICT options are written as LISP S- express ions . The procedure that 
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processes derived rules evaluates these S-expressions in order to check 
for restrictions on the values of the dummy variables or the requested 
expressions (REQ), or to (re)compute substitution pairs for the substitution 

list. 
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Appendix 1 



\ 

] 

i 

i 

i 

i 
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Forming Clauses for the Formal Theorem- Frover 

1. SKOLEM TRANSFORMATION routine 

Belov is a sketch of the seven functions used to form the Skolem 

transformation of a formula cp. 



input string T *- <P 
CLOSURE tj tj 
ELIMARROW r\ -> tj 



NEGSCOFE r\ 



DISTR Tj -?■ 



>1, 

Ensure that the formula n is a closed formula. 

Eliminate the implications signs. 

So all occurrences of the pattern 
(-» A B) Become (OR(nA)B). Any more 
occurrences of (— » A B)? 



NO 

I 



YES 



Reduce the scope of the negations signs. 
Each negation sign (- 1 ) should apply to at 
most one predicate letter. So all the 
occurrences of: Become: 



(i(& A B)) 
(n(ORAB)) 
(i(iA) ) 
(-,(3 x A)) 
(“<(V X A)); 



(or(-iA) (-<b) ) 

(&(-,A)(-,B)) 

A 

(V x(iA)) 

(3 x( n A)) 



NO 



YES 



DistriBution laws for the 
are applied. All the occurrences 
of; "become: 

(0R(3 x A) (3 x B)) 

(&(V x A)(V x B)) 



r 

quantifiers 3 and V 



(3 x(0R A B)) 
(V x(& A B)) 



NO 

* 



YES 




a 

1 . 

1 



FRENEX T| -> T| 

rj is now in the 
form &cp where 
& is a string of 
quantifiers and 
qp is the matrix. 



CNF *n -* T] 

rj is now in the 
form Sep 1 where 
cp 1 is cp in 
conjunctive normal 
form. 

SKOLEM r — > rj 



Standardize the variables — rename variables 
to ensure that each quantifier has a unique 
dummy variable. This is done while moving all 
the quantifiers to the front of i\, preserving 
order. If a is a variable of generalization, 
renamed as a 1 , the cp is within the scope of 
the quantifier, then any Qi contained in cp is 
renamed as a* . In order to ensure that the 
actual binding operator still binds the 
original variables within its scope, 
variables of generalization which occur in 
a cp are also renamed as above » When a 
variable of generalization is found which has 
already been renamed, it is renamed again. 
Thus, order and the scope of binding 
operators are preserved. 

I 

Conjunctive Normal form: 

The matrix cp resulting from PRENEX t| is put 
into an equivalent form which is the 
conjunction of a finite set of disjunctions. 
(OR A (&B C)) becomes (&(0R A B)(OR A C)) 

Eliminate the existential quantifiers. 

The usual skolemization is carried out 
with the skolem functions represented 
as f<i>, 1=1,2,.... The universal 
quantifiers are dropped. 

' Y 
n 
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2 . Isa formula CLOSED? 
\|r _» ELIMARROW -» i\ ~ 



-S>- NEGSCOPE T| — > T| 



->• DISTR T) — » T) 




Variables in cp have been 
standardized with numeric 
terms. VARS *- list of 
nonnumeric variables still 
in cp 



FRENEX 

T1 -» T] 

of form 
Sep 



matrix *■ cp 
QVAR *■ variables 
of generalization 
in T) 



FORM a CLAUSE from cp 

A clause for the theorem- prove r is a disjunction of literals where a 
literal is either an atomic formula or its negation. 

SKOLEM TRANSFORMATION cp -> T) 

V 



qp 



CONJLIST 

ri -> ri 



DISTLIST 



L *■ eliminate xhe conjunction sign. 

L is a list of all the conjuncts; essentially 
all occurrences of (& A B) becomes the list (A B) . 

All terms which are constants must be nested* in 
list form* one list deeper. All disjunctions are 
eliminated so that a clause becomes a list of the 
conjunct s which in turn are a list of the disjuncts. 



O 
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Appendix II 



The Rules of Logic 



AA *AFFiRM THE ANTECEDENT 

PREMISE (CAFHOW 7.PZ ZQZ). ZPZ) 

CO«CL ZQZ 

nop m 

OC ★COMMUTE CONJUNCTION 

PR£,«ll£iE CCANDSGN ZSZ ZPZ)) 

OONCL ( ANDSGN ZPZ ZSZ) 

NOP I 

OCCUR l 

CD ★ COMMUTF. DISJUNCTION 

PREMISE ( (ORSON ZSZ ZPZ)) 

OONCL (ORSGN ZPZ ZSZ) 

NOP 1 

OCCUR I 

C£ ★COMMUTE EQUALS 

PREMISE (CEQSIGN ZAZZBZ)) 

OONCL (EQSIGN ZB Z ZA Z) 

NOP I 

OCCUR I 

DC ★DENY THE CONSEQUENT 

PREMISE ((ARROW ZQZ Zfi Z) (NEGSGN Zh Z) ) 

OONCL (NEGSGN XQ Z) 

NOP 2 

CD + DENY THE DISJUNCT 

PREMISE ( (ORSGN ZSZ ZPZ) ZR Z) 

OONCL ZQZ 

NOP ' 2 
(DEFPROP RESTRICT 

( (( DENIAL (CADR (ASSOC (QUOTE ZSZ) MAINSUd)) 

(CADR (ASSOC (QUOTE ZRZ) MAlNSUB))) 

(SETQ MAlNSUB (SUBST (QUOTE ZQZ) (QUOTE ZS2Z) MAlNSUB))) 

((DENIAL (CADR (ASSOC (QUOTE ZPZ) MAlNSUB)) 

(cadr (assoc (Quote zrz) mainsub))) 

(SETQ MAlNSUB (SUBST (QUOTE ZQZ) (QUOTE ZSZ) MAlNSUB))) 

(T (ERRMSG 56))) 

EXPR ) 

£rt ★DEMORGAN’S LAWS 
PREMISE (OR 

((ANDSGN ZC ? ZR Z)> 

( ( ORSGN ZQ Z ZR X) ) 

( ( NEGSGN (ANDSGN ZQ Z ZF Z) ) ) 

((NEGSGN (ORSGN ZQZ ZRZ)))) 

OONCL (OR 

(NEGSGN (ORSGN ZPZ ZSZ)) 

(NEGSGN (ANOSGK ZPZ ZSZ)) 

(ORSGN ZPZ ZSZ) 

(ANDSGh ZPZ ZSZ)) 

NO? I . 

(DEFPROP RESTRICT 
(AND (SETQ MAlNSUB 

(APPEND (LIST 

(LIST (QUOTE ZPZ) 

(COND 

((AND 

(NOT 

(ATOM 

(CADR (ASSOC (QUOTE ZQZ) MAIKSUU)))) 
(EQ 

CCAADR (ASSOC (QUOTE 7.0 Z) MAlNSUB)) 
NEGSGN) ) 

(CADADR (ASSOC (QUOTE 7.G Z) MAlNSUb))) 

(T 

(LIST NEGSGN 
(CADR 

(assoc (Quote zgz). mainsub) >>.)>)) 

MAlNSUB)) 



o 



j 

\ 
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CSLTC. MAI NSUC- 
(APPtfv 



•XPR) 



(LIST 

(LIST (QUOTE. TO/.) 

(CONL 
l (AM; 

( NC I 

CftTOi*. „ .• . ... 

(C*t>h (ASSOC <f:uOTt. TkX) \AlV,ur))0 
( '-Q 

(C A Aim (ASSOC (OuOTl. Sf- •« ‘WliSluUJ 
CCADAOh^ (ASSOC (QUOTE 7h Z> 1A 1 N.>Uc.) > ) 

rr 

(LIST Sc.GS3N 

C A J30 C ( U -jOT L Zh Z ) MA i W- J* >)>)>> > 

.lAl.'iSUi..)) ) 



*■ ;jO uL Li NiCiATlON 



PR Ettliii- 


(CP 






( (UEGSGN ( SEASON X5 2) ) ) 






( ( ZS 7.J ) ) 


OONCL 


(OR 





7.£ Z 

( NEGSGN (NEGSGtr 7.S Z) > ) 

r.or 1 



£E ♦DISJUNCTIVE SYLLOGiSb 

PREMISE ( (0R3GN ?.? Z *i 2) (ARROW ZP " ZSZ) (ARROW ZO T *R « > 
QOSC L (ORSON 7.S* ZK'O 

NOP 3 

pc *for:i a conjunction 



r'K EM 1 5 E ( !S " 7.W Z> 

OONCL (AKDSGN 7.S 7 . Z£ X) 

yap 2 



rD ♦ FOK.\ A DISJUNCTION 



PREMISE (ZSZ) 

UOrfCL (ORSSfi ZaZ kLCr) 

■vOr* I 



KS *HYPOTHETICAL syllogism 

PRLM3E ( (ARROW %P % JUS'S) (ARROW ZCZZHZ)) 
CX3UCL (ARROW ZP Z ZTiZ» 

KOP i 



LJ *LAU OF THE bICOKOl TIONAL 



PREMISE (OR 
OOi.CL (OR 

r.op i 



(CblCONO ZP 7. XP A ) ) 
^CANbSGN (ARROW ZP X *.1%) 

(ANUSGR (.ARROW ZPZ Z3 2) 
(o ICOHD" ZP 7. AC> X) ) 



(ARROW KG> % ZPZ)))) 
(ARROW ZO* ZPZT) 



LC *LtFT CONJUNCT 

PREMISE ( t A r DSoN ZS 2 2R ’i> > 
CORCL ZS 7 
Mi*P I 



Li *L0UICAL TRUTH 

OJRCL (= REN REQ) 

NOP 0 

f»EO T 

TYPE T 

; iC ^RUrtT CONJUNCT 

PREMISE ((ARLiSON %S X ZR X> ) 
XO J»C L ZR Z 

NC? 1 

T 
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Appendix III 



Sample Curriculum File 



MEANS 'COMMUTE ADDITION'. <* ALtf)WS 
you TO SWITCH THE TERMS AROUND THE... 



A) SIGN 

B) *+* SIGN 

C) •<* SIGN. n 
All ST (B /+] 



^CCM ■COMMUTE ADDTION IS AN AXIOM WHEREAS 
COW1UTE EQUALS IS A... 

A) maiiSE 

B) DEFINITION 

C) RULE GF INFERENCE." 

ANSWER (Cj 



[3 c& 



^ "HERE IS THE CA AXIOM: t >:-A. 

THE CA AXIOM IS A TRUE FQUA1 1 U; nC 
MATTER WHAT NUMBERS 'A' AND 'B ARE. 

WHICH 01 THESE IS AN EXAHPIE OF CA... 

A) 5 +4-3+4 

B) 5 +4=4 +5 

C) 4+3=9- * 

ANS (BJ 

[4 0^ffiRi 5 #A5 HCW TO USE TOE 

CA AXIOM: 

DERIVE: 5+4=4+5 

CA$ A+B=B+A 
A* *33 

B: :4$ <D 5 + 4 = 4 +5 

TRY THE PROOF. " . . 

RESTRICT ((ADD CA)) 



PROOF j 

[^I^D^IVE (13 ./+ 2 = 2 /+ 13) 



o 

ERIC 



4&I& ?HE SlI&xf^RK CF THE CA AXIOM." 
PREMISE (A /+ B= 6 /+ 3) 

RESTRICT ((NO RE)) 

PROOF J 



EE II 'A < 6' IS 



[7 (Q 

CCM "WHAT NUMBER CAN 'A' 

A TRUE STATEMENT?" 

RANGE (NIL 5] 

[8 (DERIVE (A < 6) 

P ((A 7+3 = 5) THEN (A < 6)) 

P (A /+ B = 3) 

PROOF] 

[9 (DERIVE (A=B) 

COM ■*£' STANDS FOR THE ZERO AXIOM: A+0=A" 

re^r{ct 0 (Tno ^E)(ADD Z)) 

PROOF] ’ 

[10 (PROVE (G /+ A = A) 

COM "Y0(J NOW KNOW FIVE AXIOMS TO USE IN PROOFS. 
RESTRICT ((BLOCK) (YES CA Z)) 

PROOF] 

£oM ^WE WIIL CALL EQUATION O+A^A, THEOREM 1" 
COM "SINCE YOU HAVE PROVED TJ1EOFEM 1, YOU CAN 
USE IT IN OTHER PROOFS. STUDY THIS... 

DERIVE 0+6=6 
TH1 . 0+A»A 
A::C (1) 0+6^6 

'TH1' STANDS FOB... 

A) THEOREM 1 

B) AXIOM 1 

C) RUI£ 1." 

ALIET (A (THEOREM 1J 

kc*i ^U^ I THeSrE^ + 1 7 IN THIS PROOF. " 

RESTRICT ((NO CA Z)) 

PROOF] 
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Appendix IV 

Using the Curriculum of Appendix III 



V 

t 

i 



I 



*< START) 

WHO ARE YOU < TYPE S OR T)? 

* 5S 

PLEASE TYPE YOUH NUMBER- 

#6S 

A DELE GOLDBERG 
OK? 

♦ YS 



•CA* MEANS * COMMUTE ADDITION*. CA ALLOWS 
YOU TO SWITCH THE TERMS AROUND THE... 



A) f - * SIGN 

B ) SIGN 

C) •<* SIGN. 

CBS 

CORRECT... 



COMMUTE ADDTION IS AN AXIOM WHEREAS 
COMMUTE EQUALS IS A... 

A) PREMISE 

B) DEE IN IT ION 

C) RULE OF INFERENCE. 

♦BS 

try again 

♦ cs 

CORRECT- -• 



HERE IS THE CA AXIOM K A>B»B+A. 

THE CA AXIOM IS A TBUE EQUATION NO 
MATTER WHAT NUMBERS *A* AND *B* ARE- 
WHICH OF THESE IS AN EXAMPLE OF CA... 



A) 5+A-S+A 

B) 5+ A- A* 5 
C> A+5-9. 

•BS 

CORRECT. • . 



A ' 

HERE IS AN EXAMPLE OF HOW TO USE THE 
CA AXIOM I 

DERIVE* 5+A-A+5 

CAS A+B-B+A 
A t t 5S 

Bt * AS < I ) 5 ♦ A = A ♦ S 

TRY THE PROOF- 

DERIVE < S ♦ A)»CA'+ S> - 

* ♦CAS 'A ♦ P » B ♦ A 
A * * * 5$ 

Blt*4* <1> <5 ♦ A)“ ( A ♦ 5) 

CORRECT ••• 

5 

DERIVE (13 ♦ 2>«<2 ♦ 13)^ 

ICINITS 

YOU CAN NOW REQUEST A DERIVE OR PROVE 
PROBLEM* OR DERIVE A NEW HULE 01* INFERENCE. 

THE INTERRUPTED PROBLEM WILL BE RESTARTEO 
IF YOU TYPE FIN . 

TYPE A DERIVE. FHOVE OR RULE COMMANO 
* ♦DERIVE* 2+3-B+3S 



DERIVE 


<2 


3)»<2 ♦ 3 > 






X ♦CAS A 


+ B « 


B ♦ A 






At t ♦BS 










Bt (♦SS 


< 1) 


< f; ♦ 3)* < 3 


♦ 


2) 


. t ♦ 1 CE1 S 


< 2) 


<3 ♦ 2>«<2 


♦ 


3) 


t * 1 • 2RE I S 


< 3) 


<2 ♦ 3>-<2 


♦ 


3) 



CURREC1 • « • 

TYPE A DERIVE. PROVE OH RULE COMMAND 
X ♦ F INS 

NOW REDO THE FHOBLEM YOU INTERRUPTED 
b 

DERIVE <13 ♦ 2)-<2 ♦ 1 3 > 

I ♦CAS A ♦ B » B ♦ A 
A* t ♦ 1 3S 

Bt t *2S < 1> <13 ♦ 8>-<2 ♦ 13) 

CORRECT. . • 
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6 

THY USING THL SHORTfOHM Of THE CA AXIOM « 

DERIVE CA + B)*C3 ♦ 6) 

p cl) (A + B)« C6 + 3) 

t*CAS A + B ■ B + A 
All *61 



B* l*3S 


C 2) 


C 6 + 


3)*C3 + 


6) 


1*1. 2RE1 S 


C 3 ) 


CA + 


B)»C3 + 


6) 



CORRECT* • • 

YOU MAY NOT USE RULE RE IN THIS PROBLEM 
TRY AGAIN 

DERIVE CA + 8)*C3 +6) 

p (1) (A + B)* C 6 + 3> 

* • I CASS <2> CA ♦ B)*C3 + 6) 

CORRECT... 

7 

WHAT NUMBER CAN *A' BE IF *A < 6* IS 
A TRUE STATEMENT? 

• AS 

CORRECT... 

8 

DERIVE A < 6 



P 


C 1 ) 


CCA + 3) * S)-»CA < 6> 


P 


CP) 


B * 3 


P 


f 3) 


CA + B>* S 


* *3- 2REIS 


C4> 


CA ♦ 3)» S . 


t * 1 « 4AASS 


CS) 


A < 6 


CORRECT. .. 






9 

*Z* STANDS 


FOR 


THE ZERO AXIOM* A+O-A 


DERIVE 


A - 


B 


F 


C 1 


CE + 0)*CA + 0) 



I * 

NO COMMAND REQUESTED? 



1 0 

YOU NOW KNOW FIVE AXIOMS TO USE IN PROOFS. 

PROVE CO ♦ A)- A 

* * IN I TS 

YOU MAY NOT REGUEST YOUR OWN PROBLEMS NOW! 

**ZS A ♦ 0 - A 
A * * • AS Cl) C A ♦ 0)- A 

* • 1 CAA< A> 1 $ CS> CO ♦ A>» A 

CORRECT. .. 

11 

WE WILL CALL EQUATION O+A-A* THEOREM 1 

SINCE YOU HAVE PROVED THEOREM 1* YOU CAN 
USE IT IN OTHER PROOFS. STUDY THIS... 

DERIVE 0+6-6 

THT 0+A** A 

All 6 Cl) 0+6*6 

* TH 1 * STANDS FOR... 

A) THEOREM 1 
B > AXIOM 1 
C) RULE 1. 

* THEOREM IS 
CORHECT... 



12 

USE THEOREM I IN THIS PHOOf . 

DERIVE CO ♦ 7)- 7 

l •TH I S 0 ♦ A - A 

At 1*1 S Cl) C 0 ♦ 7 ) = 7 

CORRECT... 

LESSON OVER... 

GOODBYE. • .ADEL E 
i 



**Z$ A + 

At **BS 


0 * ^ 
C 2) 


A 

CB + 0>« 


I*ZS A + 

Alt* AS . 


0 - 

C 3) 


A 

CA + 0)’ 


I*1«SRE1S 


C 4 ) 


B - C A + 


*•4. 3RE1S 


C S) 


B • A 


**CE1S 


< 6 ) 


A • B 


CORRECT.. - 
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Appendix V 



Some Sample Proofs 

The first proof given is of a theorem of logic which is motivated by 
Rus sells 1 paradox. Simply let be interpreted as the membership relation 

of set theory; then, the sentence to be proved asserts that there is no set 
which consists of exactly those sets which are not members of themselves. 

Special attention should he paid to the fact that some of the lines of the proof 
are justified on the basis of either universal specification or existential 
specification. Both of these rules involve proper substitution of a term A for 
a variable X- 

The second theorem of first-order logic for which a proof is provided is a 
variant of Russell's paradox (again, for *F* read *e'). The antecedent of the 
theorem is an instance of the well-known Aussonderung : axiom due to Zermelo 

(thus, sometimes referred to as « Zermelo' s Axiom'); it asserts the existence 
of those sets which are a subset of some given set as defined by some well-formed 
formal a of the language. It is expected that from this axiom one can prove 
the non-existence of the troublesome universal class and this is what the 
consequent of the theorem asserts. Note that instances of previously proved 
theorems are needed for the proof. Of special significance is the fact that in 
obtaining these instances substitution for predicates is needed; for example, 
the for mu la 'F(v,v)' is substituted for the O-place predicate *Q' . 

The third example is an alternative derivation of the fact that the universal 
class is not a set. Premise (l)’ asserts that every set is such that the cardinal 
number of the class of all subsets of it is greater than the cardinal number of 
the set itself; this is, of course. Cantor’s theorem. Premise (2) asserts that 
the class of all subsets of a given set is itself a set; this is the Power Set 
axiom of axiomatic set theory. Premise ( 3 -)' asserts that for sets x,y such that 
y contains x, it is not the case that the cardinal number of x is greater than 
the cardinal number of y. The final premise asserts that the universal class 
contains every set. 
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DRK1 VE 


NOT (F. 


Y( A 


X(F(X,Y) IFF (NOT F(X»X))?)) 


1 *W PS 


Cl) 




*E YCA X( F ( X* Y) IFF (NOT ( FC X* X ) ) ) ) ) I 


I *1 1< 1>ESS 
Yl!»z$ 


(2) 




A X(F(X,Z) IFFCNOT FCX*X))) 


(♦SUSS 
Xt (♦ZS 


(3) 




FCZj 70 1 FF' (NOT FCZ*Z)) 


l ♦ 3LRS 


(A) 




(F(ZjZ) -XNOT F (Zj Z) ) )* ( (NOT FCZ,Z)> -> F(Z#7)) 


I*4LCI 


(5) 




F(ZaZ)->(«NOT F(ZaZ)) 


l ♦ ARCS 


(6) 




(NOT F(ZjZ))-> F(ZjZ) 


(♦UPf 


(7) 




♦NOT F(Z»Z)S 


1 *6* 7AA1 


( R ) 




F(Z.Z) 


t *7.7.fllP* 


(9) 




F(Z^Z) 


(♦UPS 


( 10) 




*F(Z*Z)S 


t*5. 10AAS 


( in 




NOT F(ZjZ) 


1* 10* 10*! 1 IFS 

( 18) 




NOT F ( Z*Z ) 


1*1.9. 12 1 PI ( 13) 


NO T ( E YCA V ( F (X* Y) IFFCNOT F(X»X))))) 


CORRECT. - • 








DERIVE 


CA ZfE YCA XCFCX.V) IFFCFCX.Z) *CM01 F C X, X ))>))))-» fNOTt E 
Z( A X F(X.Z) ) >) 


- i*WPS 

> s 


Cl) 




♦ A Z ( E Y (A X(FCXjY) IFF (F(X* Z)* (NOT F(V#X))))) 


1 * WPI 


(2) 




♦E Z( A X F(XjZ) )4 


1 ♦ SESS 

Cl i ♦ws 


(3) 




A X F(XjW) 


*♦ 1USS 

Zl »*«» 


CA) 




E YCA X(FCXjY) IFF(F(X,W) SCNOT FCX*V))))) 


(♦AESS 
V I 1* vs 


(5? 




A X < F ( y w V ) IF’F CF CX»V ) *(N0T F(X*X)))) 


(♦SUSS 
XI l+VS 


(6) 




F(V»V)IFF(F(VjW) 4 (NOT F(V,V))) 


(♦PStTHAS 




(0 


IFF(B «CNOT 0 )))->*» IFFCC 4 (NO T C))). 



i i*Qt KV#V» 

I I*hi FCX.tnt 
I i*XiVS 
I t*J 

C7) 



(F(VjV) IFFCFC W W) A(NOT 

I>F(KViV) ft (NOT FCV,V)))) 



1 *7« 6AAI (R) 



l ♦PStTHRS 

i i*otFcy.V)S 

t t»s 



KV#W)IFK(KV< V) SCNOT FC(/#0>)) 
NOT ( C 4 (NOT U>) 



2 





C 9 > 




N01CKCV*V) A C NOT F<WV)>) 


1 • ALE'S 


C 1 0) 




( K ( V j W ) ->CFCU,V;) ACNOT FC V# V ) ) ) > * C C f C V# V) 
A (NOT F C V* V ) ) ) -> FCV#W>) 


1* 1 OLCS 


C 1 1 > 




FC V# W) — >CFCU*V) A C M 0 T FCV,0))) 


1*1 1 • 9DCS 


C 12) 




NOT FCV>V) 


l*3USS 
Xt 1*V$ 


C 13) 




b (V* W) 


:*g. 12* 1 31 PS 

C 1 cn 




MOICE 2(A X PCX, 2))) 


: *1 . 14CPS 


C lb) 


<A ZCE YCA XC?(X,Y) IEFCFCX,2) ACNOT FCX, X )))>>) >“>« 
NOTCF 2CA X F(XjX)>5) 


CORRECT* • 


• 






DERIVE 


NOT S 


U 




t*PS 


<1 ) 


*A 


X(SCX)"> G<A<B<X)>*A<X> ) )* 


t*PS 


ca> 


♦A 


X<S<X)->SCB<X) ) >s 


**PS 

* 


C3> 


*A 


XCA Y<<SCX) A S(Y))->CC<Y>X)-> 
(NOT GCACX) *ACY> > > ^ ) 



*a x<s<xa->c<u#x>>* 



+S<U)S 

s U-> S B U 
S B U 

A YCCS B U A S Y) • > C GCY #8 UJ ~*<M07 GCA B U# A Y 
)>)) 

<S B U 1 5 U)«>CCCU>B U> ->CNOT GCA B U*A U>>> 

S B U* S U 

C(U«B U>*>CNOT GCA 9 U#A U)> 

S B U-> C CU » B U> 

CCU.B U) 

MOT GCA B U*A U> 

5 »)-> GCA B U#A U> 

GCA B U#A U) 

NOT $ U 



**WPS <5> 

t*eus* 



Xl l*US 


(6) 


»*6 «5AAS 


<7 ) 


l*3USS 

XI«*BCU)S 


C8) 


t*BUSS 

Yts+US 


C9) 


1*7 .SFCS 


CIO) 


t*9« 10AAI 


c i n 


l*4USS 

Xtl*BCU>S 


C 12) 


f *1 2 *7 AAS 


<13' 


1*1 1 • 1 3AAS 


CIA) 


»*iuss 

X»«*US 


CIS) 


1 * 1 s *saas 


C 16) 



»*5 • I A • 16 IP® 

C 17 ) 

CORRECT •• • 



94 

o 

ERIC 



3 




(ConUmOd from lre»ld« lr<Kit 



97 



4 , and R. M. Shtfft-tn. 

i. F*svteh^ W 1 9*»7 >' *•> !' 27.7-300 •£•''' 5 



R. C. Atkinson, J« W. 

April !3 # I966. O. 

P-r; Sl 

m »t«U»tlc»l : 



______ StlPUlUS^ . ; ~ I>T -. 







/ s ( Continued From in&ide biack 








